Adding new monitor user in Nagios

Add monitor user to htpasswd.users file

[root@nagios usr]# htpasswd /etc/nagios/htpasswd.users monitor
New password:
Re-type new password:
Adding password for user monitor
[root@nagios usr]#


Enable monitor user for nagios.


vi /etc/nagios/cgi.cfg


Also find authorized_for_all_service and authorized_for_all_hosts and modify them as shown below

authorized_for_system_information=nagiosadmin,monitor

authorized_for_configuration_information=nagiosadmin,monitor

authorized_for_all_services=nagiosadmin,monitor
authorized_for_all_hosts=nagiosadmin,monitor

Reload nagios and apache so that the change may take effect

[root@nagios nagios]# /etc/rc.d/init.d/nagios restart
Running configuration check...done.
Stopping nagios: done.
Starting nagios: done.

[root@nagios nagios]# 

MRTG Configure for Router for Nagios Monitoring

#Test the Configuration with an SNMP Walk

snmpwalk -v 2c -c COMMUNITYSTRING IPADDRESS

#snmpwalk -v 1 -c public 69.250.150.54 system

snmpwalk -v 1 -c public 172.22.81.1 system
snmpwalk -v 1 -c public 192.168.122.1 system


Now you need to make the config (cfg) file for the device you want to monitor.

Quote
##/usr/bin/cfgmaker --output=/etc/mrtg/69.250.150.54.cfg --ifref=ip --global "workdir: /var/www/mrtg" --snmp-options=:::::1 public@69.250.150.54

/usr/bin/cfgmaker --output=/etc/mrtg/172.22.81.1.cfg --ifref=ip --global "workdir: /var/www/html/mrtg" --snmp-options=:::::1 public@172.22.81.1

Now you need to run the env statement "three" times:

Quote
#run three times
#env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
#env LANG=C /usr/bin/mrtg /etc/mrtg/69.250.150.54.cfg

#You should see this after each time ran:
env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg

[root@nagios mrtg]# env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg
07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_10.67.51.106.old updating log file
07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_10.255.65.214.old updating log file
07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_172.22.81.1.old updating log file
07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_172.29.81.2.old updating log file
07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_172.29.81.6.old updating log file
[root@nagios mrtg]# env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg
[root@nagios mrtg]#


Now you need to make the actual index files for each machine:
#Very important you need to append the new machine to the line each time, if you do not you will only see the newest entry

Quote


indexmaker --output=/var/www/html/mrtg/index.html /etc/mrtg/mrtg.cfg /etc/mrtg/172.22.81.1.cfg

###For Two Router###

indexmaker --output=/var/www/html/mrtg/index.html /etc/mrtg/mrtg.cfg /etc/mrtg/172.22.81.1.cfg  /etc/mrtg/192.168.122.1.cfg


Note: The above command should be run for each router

Quote

vim /etc/cron.d/mrtg

#Enter in you machines like my example below:

0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg
0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg

Note: one entry will be added for every router

Now restart the crond service.

Quote

service crond restart

[root@nagios mrtg]# service crond restart
Stopping crond:                                            [  OK  ]
Starting crond:                                            [  OK  ]
[root@nagios mrtg]#


---Log Location

/var/www/mrtg

# 'check_mrtgtraf.pl' command definition #

define command{
command_name check_mrtgtraf.pl
command_line $USER1$/check_mrtgtraf.pl -L $ARG1$ -F $ARG2$ -w $ARG3$ -c $ARG4$ -u $ARG5$
}

define service{
use local-service
host_name mrtghost1
service_description Check bandwidth router1 customer1
check_command check_mrtgtraf.pl!/usr/home/www/mrtg/customer1/router1/1.1.1.1_ae0.log!MAX!10,20!11,21!mbyte!
}



define service{
                use                     generic-service
                host_name               core_router_neweskaton_172.22.81.1
                service_description     Port 1 Bandwidth Usage
                check_command           check_mrtgtraf.pl!/var/www/html/mrtg/172.22.81.1_172.22.81.1.log!MAX!10,20!11,21!mbyte!
                }

---compile the command----

/usr/bin/nagios -v /etc/nagios/nagios.cfg



/usr/lib/nagios/plugins/check_mrtgtraf -F /var/www/mrtg/172.22.81.1_172.22.81.1.log -a AVG -w 1000000,1000000 -c 5000000,5000000 -e 10

/usr/lib/nagios/plugins/check_mrtgtraf.pl - F /var/www/mrtg/172.22.81.1_172.22.81.1.log -a MAX -w 10,20 -c 11,21 -e mbyte

-----------------Note-----------

I almost forgot the simple one security is turned on by default and you can't connect remotely unless you change it. In the example below
I canged it to allow all so I could connect to it from anywhere I wanted to from the internet or local lan.

Quote
vi /etc/httpd/conf.d/mrtg.conf


#
# This configuration file maps the mrtg output (generated daily)
# into the URL space. By default these results are only accessible
# from the local host.
#
Alias /mrtg /var/www/mrtg


Order allow,deny
Allow from all

Monitor Network Switch/Router in Nagios

---Add Network Switch---

1. Login as root user 
2. go /etc/nagios
3. Remove the leading pound (#) sign from the following line in the main configuration file:


#cfg_file=/usr/local/nagios/etc/objects/switch.cfg

# Definitions for monitoring a router/switch
cfg_file=/etc/nagios/objects/switch.cfg


4. go /etc/nagios/objects directory

define host{
use             generic-switch
host_name       core_switch_hatikumrul_172.22.83.1
alias           Cisco Core Switch Hatikumrul
address         172.22.83.1
}

# Service definition to ping the switch using check_ping
define service{
use                     generic-service
host_name       core_switch_hatikumrul_172.22.83.1
service_description     PING
check_command           check_ping!200.0,20%!600.0,60%
normal_check_interval   5
retry_check_interval    1
}

# Service definition to monitor switch uptime using check_snmp
define service{
use                     generic-service
host_name       core_switch_hatikumrul_172.22.83.1
service_description     Uptime
check_command           check_snmp!-C public -o sysUpTime.0
}

# Monitor ports 1 - 6 on the Cisco core switch.

define service{
use                   generic-service
host_name             core_switch_hatikumrul_172.22.83.1
service_description   Ports 1-6 Link Status
check_command         check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB, -o ifOperStatus.2 -r 1 -m RFC1213-MIB, -o ifOperStatus.3 -r 1 -m RFC1213-MIB, -o ifOperStatus.4 -r 1 -m RFC1213-MIB, -o ifOperStatus.5 -r 1 -m RFC1213-MIB, -o ifOperStatus.6 -r 1 -m RFC1213-MIB
}

define service{ 
use generic-service 
host_name localhost 
service_description Bandwidth Usage 
check_command check_local_mrtgtraf!/var/lib/mrtg/127.0.0.1_1.log!AVG!1000000,2000000!5000000,5000000!10 
 }


define service{
use        generic-service
host_name core_switch_hatikumrul_172.22.83.1
service_description Port 1 Bandwidth Usage
check_command check_local_mrtgtraf!/var/lib/mrtg/172.22.83.1_1.log!AVG!1000000,2000000!5000000,5000000!10
}

-----------mrtg---

[root@nagios archives]# rpm -qa | grep mrtg
mrtg-2.14.5-2
[root@nagios archives]# yum install mrtg







# 'check_local_mrtgtraf' command definition
define command{
        command_name    check_local_mrtgtraf
        command_line    $USER1$/check_mrtgtraf -F $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$ -e $ARG5$
        }


# 'check_local_mrtgtraf' command definition 
define command{ 
command_name check_local_mrtgtraf 
command_line $USER1$/check_mrtgtraf -F $LOGFILE$ -a $ARG1$ -w $ARG3$,$ARG4$ -c $ARG5$,$ARG6$ 
 }

/usr/bin/nagios -v /etc/nagios/nagios.cfg



Restart nagios as shown below.
[nagios-server]# /etc/rc.d/init.d/nagios stop
Stopping nagios: .done.

[nagios-server]# /etc/rc.d/init.d/nagios start
Starting nagios: done.

Nagios Installation And Configuration Step By Step For Linux

 Nagios Installation And Configuration Step By Step For Linux

1. Download the nagios and plugins

Download following files(Latest Vesion) from Nagios.org and move to /home/downloads

§  nagios-*.*.*.tar.gz

§  nagios-plugins-*.*.*.tar.gz

2. Take care of the prerequisites

§  Make sure apache is working on the server by verifying from browser: http://localhost

§  Verify whether gcc is installed

[root@localhost]#rpm -qa | grep gcc

gcc-3.4.6-8

compat-gcc-32-3.2.3-47.3

libgcc-3.4.6-8

compat-libgcc-296-2.96-132.7.2

compat-gcc-32-c++-3.2.3-47.3

gcc-c++-3.4.6-8

§  Verify whether GD is installed

[root@localhost]# rpm -qa gd

gd-2.0.28-5.4E

3. Create user and group for nagios

[root@localhost]# useradd nagios

[root@localhost]# passwd nagios

[root@localhost]# groupadd nagcmd

[root@localhost]# usermod -G nagcmd nagios

[root@localhost]# usermod -G nagcmd apache

4. Install nagios

[root@localhost]# tar xvf nagios-*.*.*.tar.gz

[root@localhost]# cd nagios-***

[root@localhost]# ./configure --with-command-group=nagcmd

[root@localhost]# make all

[root@localhost]# make install

[root@localhost]# make install-config

[root@localhost]# make install-commandmode

Following are some additional parameters that you can pass to ./configure to customize your installation. I used only --with-command-group as shown above.

--prefix  /opt/nagios Where to put the Nagios files

--with-cgiurl  /nagios/cgi-bin Web server url where the cgi's will beavailable

--with-htmurl  /nagios  Web server url where nagios will be available

--with-nagios-user nagios  user account under which Nagios will run

--with-nagios-group nagios  group account under which Nagios will run

--with-command-group nagcmd  group account which will allow the apache user to submit

     commands to Nagios

At the end of the configure output, it will display a summary as shown below:

*** Configuration summary for nagios *.*.* 05-28-2013 ***:

General Options:

-------------------------

Nagios executable:  nagios

Nagios user/group:  nagios,nagios

Command user/group:  nagios,nagcmd

Embedded Perl:  no

Event Broker:  yes

Install ${prefix}:  /usr/local/nagios

Lock file:  ${prefix}/var/nagios.lock

Check result directory:  ${prefix}/var/spool/checkresults

Init directory:  /etc/rc.d/init.d

Apache conf.d directory:  /etc/httpd/conf.d

Mail program:  /bin/mail

Host OS:  linux-gnu

Web Interface Options:

------------------------

HTML URL:  http://localhost/nagios/

CGI URL:  http://localhost/nagios/cgi-bin/

Traceroute (used by WAP):  /bin/traceroute

5. Configure the web interface.

[root@localhost]# make install-webconf

[root@localhost# htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

New password:

Re-type new password:

Adding password for user nagiosadmin

6. Compile and install nagios plugins

[root@localhost]# tar xvf nagios-plugins-*.*.*.tar.gz

[root@localhost]# cd nagios-plugins-*.*.*

[root@localhost]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios

[root@localhost]# make

[root@localhost]# make install

Note: On Red Hat, the ./configure command mentioned above did not work and was hanging at the when it was displaying the message: checking for redhat spopen problem… Add –enable-redhat-pthread-workaround to the ./configure command as a work-around for the above problem as shown below.

[root@localhost]# ./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-redhat-pthread-workaround

7. Start Nagios

§  Add the nagios to the startup routine:

[root@localhost]# chkconfig --add nagios

[root@localhost]# chkconfig nagios on

§  Verify to make sure there are no errors in the nagios configuration file:

[root@localhost]# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Total Warnings: 0

Total Errors:   0

Things look okay - No serious problems were detected during the pre-flight check

§  Start the nagios

[root@localhost]# service nagios start

Starting nagios: done.

8. Login to web interface

Nagios Web URL: http://localhost/nagios/
Use the userid, password that was created from step#5 above.

III. Configuration files overview

.
The first configuration to modify is to change the default value of email address in /usr/local/nagios/etc/objects/contacts.cfg file to your email address.

Following are the three major configuration files located under /usr/local/nagios/etc


1.      nagios.cfg – This is the primary Nagios configuration file where lot of global parameters that controls the nagios can be defined.

2.      cgi.cfg - This files has configuration information for nagios web interface.

3.      resource.cfg – If you have to pass some sensitive information (username, password etc.) to a plugin to monitor a specific service, you can define them here. This file is readable only by nagios user and group.

Following are the other configuration files under /usr/local/nagios/etc/objects directory:


§  contacts.cfg: All the contacts who needs to be notified should be defined here. You can specify name, email address, what type of notifications they need to receive and what is the time period this particular contact should be receiving notifications etc.

§  commands.cfg – All the commands to check services are defined here. You can use $HOSTNAME$ and $HOSTADDRESS$ macro on the command execution that will substitute the corresponding hostname or host ip-address automatically.

§  timeperiods.cfg – Define the timeperiods. for e.g. if you want a service to be monitored only during the business hours, define a time period called businesshours and specify the hours that you would like to monitor.

§  templates.cfg – Multiple host or service definition that has similar characteristics can use a template, where all the common characteristics can be defined. Use template is a time saver.

§  localhost.cfg – Defines the monitoring for the local host. This is a sample configuration file that comes with nagios installation that you can use as a baseline to define other hosts that you would like to monitor.

§  printer.cfg – Sample config file for printer

§  switch.cfg – Sample config file for switch

§  windows.cfg – Sample config file for a windows machine

MRTG Configure for Router

 Step # 1 : Make sure snmp server installed

Type the following rpm command to find out, if snmp server installed or not:

# rpm -qa | grep snmp

If snmp installed then

# yum install net-snmp-utils net-snmp

Step # 2 : Determine if snmp server is running or not

Run 'ps' command to see if snmp server is running or not:

# ps -aux | grep snmp

Output:

root   5512  0.0  2.3  5872 3012 pts/0    S    22:04   0:00 /usr/sbin/snmpd

# netstat -natv | grep ':199'

tcp        0      0 0.0.0.0:199             0.0.0.0:*               LISTEN

If you found snmp service is running or listing on port 199

# service snmpd start

Make sure snmpd service starts automatically, when linux comes us (add snmpd service):

# chkconfig --add snmpd

Turn on snmpd service, enter:

# chkconfig snmpd on

Step # 3 : Make sure snmp server configured properly

# snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

Sample outputs:

ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.127.0.0.1 = 1

ip.ipAddrTable.ipAddrEntry.ipAdEntIfIndex.192.168.0.3 = 2

Configure SNMP

(1) Edit the file /etc/snmp/snmpd.conf using a text editor such as vi, enter:

# vi /etc/snmp/snmpd.conf

Change/Modify line(s) as follows:

Find the following Line:

com2sec notConfigUser  default       public

Replace with (make sure you replace 192.168.0.0/24 with your network/subnet) the following lines:

com2sec local     localhost           public

com2sec mynetwork 192.168.0.0/24      public

(a) Make sure when linux comes up snmpd always starts after the system reboot:

 # chkconfig snmpd on

(b) Start the snmpd service:

 # service snmpd start

(c) Finally, test your snmp server:

 # snmpwalk -v 1 -c public localhost IP-MIB::ipAdEntIfIndex

Step # 4 : Install mrtg if not installed

Mrtg software may install during initial installation; you can verify if MRTG installed or not with the following RPM command:

rpm -qa | grep mrtg

Step # 5 : Commands to Configure mrtg

mkdir -p /var/www/html/mrtg/

Now you need to make the config (cfg) file for the device you want to monitor.


Quote

##/usr/bin/cfgmaker --output=/etc/mrtg/69.250.150.54.cfg --ifref=ip --global "workdir: /var/www/mrtg" --snmp-options=:::::1 public@69.250.150.54


/usr/bin/cfgmaker --output=/etc/mrtg/172.22.81.1.cfg --ifref=ip --global "workdir: /var/www/html/mrtg" --snmp-options=:::::1 public@172.22.81.1


Copy the image files--


cp -av /var/www/html/images/*.png /var/www/html/mrtg/




Now you need to run the env statement "three" times:


Quote

#run three times

#env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

#env LANG=C /usr/bin/mrtg /etc/mrtg/69.250.150.54.cfg


#You should see this after each time ran:

env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg


[root@nagios mrtg]# env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg

07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_10.67.51.106.old updating log file

07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_10.255.65.214.old updating log file

07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_172.22.81.1.old updating log file

07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_172.29.81.2.old updating log file

07-11-2013 11:59:05, Rateup WARNING: /usr/bin/rateup Can't remove 172.22.81.1_172.29.81.6.old updating log file

[root@nagios mrtg]# env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg

[root@nagios mrtg]#



Now you need to make the actual index files for each machine:

#Very important you need to append the new machine to the line each time, if you do not you will only see the newest entry


Quote



indexmaker --output=/var/www/html/mrtg/index.html /etc/mrtg/mrtg.cfg /etc/mrtg/172.22.81.1.cfg


Note: The above command should be run for each router


Quote


vim /etc/cron.d/mrtg


#Enter in you machines like my example below:


0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg

0-59/5 * * * * root env LANG=C /usr/bin/mrtg /etc/mrtg/172.22.81.1.cfg


Note: one entry will be added for every router


Now restart the crond service.


Quote


service crond restart


[root@nagios mrtg]# service crond restart

Stopping crond:                                            [  OK  ]

Starting crond:                                            [  OK  ]

[root@nagios mrtg]#



---Log Location


/var/www/mrtg


# 'check_mrtgtraf.pl' command definition #


define command{

command_name check_mrtgtraf.pl

command_line $USER1$/check_mrtgtraf.pl -L $ARG1$ -F $ARG2$ -w $ARG3$ -c $ARG4$ -u $ARG5$

}

define service{

use local-service

host_name mrtghost1

service_description Check bandwidth router1 customer1

check_command check_mrtgtraf.pl!/usr/home/www/mrtg/customer1/router1/1.1.1.1_ae0.log!MAX!10,20!11,21!mbyte!

}


define service{

                use                     generic-service

                host_name               core_router_neweskaton_172.22.81.1

                service_description     Port 1 Bandwidth Usage

                check_command           check_mrtgtraf.pl!/var/www/html/mrtg/172.22.81.1_172.22.81.1.log!MAX!10,20!11,21!mbyte!

                }


---compile the command----


/usr/bin/nagios -v /etc/nagios/nagios.cfg




/usr/lib/nagios/plugins/check_mrtgtraf -F /var/www/mrtg/172.22.81.1_172.22.81.1.log -a AVG -w 1000000,1000000 -c 5000000,5000000 -e 10


/usr/lib/nagios/plugins/check_mrtgtraf.pl - F /var/www/mrtg/172.22.81.1_172.22.81.1.log -a MAX -w 10,20 -c 11,21 -e mbyte


-----------------Note-----------


I almost forgot the simple one security is turned on by default and you can't connect remotely unless you change it. In the example below

I canged it to allow all so I could connect to it from anywhere I wanted to from the internet or local lan.


Quote

vi /etc/httpd/conf.d/mrtg.conf


#

# This configuration file maps the mrtg output (generated daily)

# into the URL space. By default these results are only accessible

# from the local host.

#

Alias /mrtg /var/www/mrtg


Order allow,deny

Allow from all


----Finally

http://192.168.10.29/mrtg/

ERROR: Description/Type table : No response from remote host in Nagios

Problem: 

ERROR: Description/Type table : No response from remote host---During SNMP configuration in remote host in Nagios

[root@nagios plugins]# /usr/lib/nagios/plugins/check_snmp_storage.pl -H 192.168.10.9 -C public -m "^/$" -w 2 -c 4
ERROR: Description/Type table : No response from remote host '192.168.10.9'.
 
Solution: 

1. Go to /usr/local/nagios/etc location of remote host

2. edit the nrpe.cfg add the nagios server ip into

allowed_hosts=127.0.0.1 192.168.10.29

Note: Here 192.168.10.29 nagios server ip

3. Go to Nagios server and execute the following command

[root@nagios nagios]# /usr/lib/nagios/plugins/check_snmp_storage.pl -H 192.168.10.9 -C public -m "^/$" -w 2 -c 4
/: 14%used(7142MB/49596MB) (>4%) : CRITICAL

4. Thats it...problem solved....cheers .. :P