====== Сервис Nagios ======

  * [[https://www.nagios.org/|Nagios Open Source]]

===== Базовая конфигурация =====

==== Установка ====

=== Debian10/Ubuntu20 ===

  * Рекомендуется настроить [[Сервис MTA]] и установить [[UA mail]] (не обязательно), иначе поставит exim4 как зависимость
  * [[Сервис HTTP#Установка и запуск сервера Apache]]

<code>
# a2enmod auth_digest

# a2enmod authz_groupfile

# systemctl restart apache2

# apt install nagios4
</code>


==== Настройка объектов мониторинга ====

  * [[https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/3/en/dependencies.html|Host and Service Dependencies]]
  * [[https://www.zarrelli.org/blog/nagios-notification-escalations-made-easy/comment-page-1/|Nagios notification escalations made easy]]

<code>
server# /usr/lib/nagios/plugins/check_http -H yandex.ru -S

server# less /etc/nagios-plugins/config/http.cfg
</code><code>
server# cat /etc/nagios4/conf.d/corpX.cfg
</code><code>
define host{
        use                     generic-host
        name                    my-templ-host
        register                0

        max_check_attempts      1
        notification_interval   1440
        check_command           check-host-alive_4

        # mail send to user nagios
        contacts                nagiosadmin
}

define service{
        use                     generic-service
        register                0
        name                    my-templ-service-https
        service_description     www
        check_command           check_https_4
        check_interval          5
        retry_interval          1
        notification_interval   1440
}

define service{
        use                     generic-service
        register                0
        name                    my-templ-service-ping
        service_description     ping
        check_command           check_ping_4!100.0,20%!500.0,60%
        check_interval          5
        retry_interval          1
        notification_interval   1440
}

#---------------------------------

define host{
        use                     my-templ-host
        host_name               yandex
        address                 yandex.ru
}

define service{
        use                     my-templ-service-https
        host_name               yandex
}

define host{
        use                     my-templ-host
        host_name               val-bmstu
        address                 val.bmstu.ru
}

define service{
        use                     my-templ-service-https
        check_command           check_http_4
        host_name               val-bmstu
}


#---------------------------------

define host{
        use                     my-templ-host
        host_name               switch1
        address                 switch1
}

define service{
        use                     my-templ-service-ping
        host_name               switch1
}

define host{
        use                     my-templ-host
        host_name               switch2
        address                 switch2
}

define service{
        use                     my-templ-service-ping
        host_name               switch2
}

define host{
        use                     my-templ-host
        host_name               switch3
        address                 switch3
}

define service{
        use                     my-templ-service-ping
        host_name               switch3
}

#--- For next labs ---

define host{
        use             my-templ-host
        host_name       cisco-router
        alias           Cisco 7200
        address         router
}
</code>

==== Тестирование конфигурации и запуск ====

  * [[http://192.168.X.10/nagios4/]]

<code>
root@server:~# nagios4 -v /etc/nagios4/nagios.cfg

root@server:~# service nagios4 restart
</code>

===== Запуск plugins на других хостах =====


<code>
root# sudo -u nagios sh
</code>

  * [[Сервис SSH#Настройка ssh клиента]]
  * [[Сервис SSH#Аутентификация с использованием ключей ssh]]

<code>
nagios$ cat .ssh/id_rsa.pub
...

nagios$ cat .ssh/config
...

nagios$ /usr/local/libexec/nagios/check_by_ssh -H server2 -C "/usr/lib/nagios/plugins/check_disk -w '10' -c '20' -e -p '/'"

server# cat corpX.cfg
</code><code>
define host{
        use                     my-templ-host
        host_name               server2
        address                 server2
}

define service{
        use                     generic-service
        host_name               server2
}

define command{
        command_name    ssh_disk_linux
        command_line    $USER1$/check_by_ssh -H '$HOSTADDRESS$' -C "/usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$'"
}

define service{
        use                     generic-service
        service_description     disk
        host_name               server2
        check_command           ssh_disk_bsd_linux!20%!10%!/
}
</code>

===== Использование plugin check_snmp =====

[[https://www.nagios-plugins.org/doc/man/check_snmp.html]]

==== Тестирование plugin ====

<code>
shell> snmpwalk -c public -v2c router ifDescr
</code>

<code>
# mkdir /usr/var

# /usr/lib/nagios/plugins/check_snmp -H router -C public -o ifInOctets.2,ifOutOctets.2 --rate -w 62500,62500 -c 125000,125000

# chown -R nagios:nagios /usr/var/
</code>

==== Настройка nagios на использование check_snmp ====

<code>
server# cat corpX.cfg
</code><code>
...
define command {
        command_name check_snmp_band
        command_line $USER1$/check_snmp --rate -H $HOSTADDRESS$ -C $ARG1$ -o $ARG2$ -w $ARG3$ -c $ARG4$
}

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     int LAN bandwidth
        check_command check_snmp_band!public!ifInOctets.2,ifOutOctets.2!62500,62500!125000,125000
#        check_command check_snmp_band!public!ifInOctets.5,ifOutOctets.5!62500,62500!125000,125000
}
</code>

===== Интеграция с MRTG =====

  * [[https://www.monitoring-plugins.org/doc/man/check_mrtg.html|The check_mrtg Plugin]]
  * [[https://www.monitoring-plugins.org/doc/man/check_mrtgtraf.html|The check_mrtgtraf Plugin]]

<code>
server# /usr/lib/nagios/plugins/check_mrtgtraf -F /var/www/html/mrtg/router_fa0_0.log -a MAX -w 125000,125000 -c 62500,62500 -e 10

server# less /etc/nagios4/objects/commands.cfg

server# /usr/lib/nagios/plugins/check_mrtg -F /var/www/html/mrtg/dhcp-stat.log -a MAX -v 2 -w 6 -c 8

server# cat corpX.cfg
</code><code>
...

# --- int WAN bandwidth MRTG ---

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     int WAN bandwidth MRTG
        check_command check_local_mrtgtraf!/var/www/html/mrtg/router_fa0_0.log!AVG!62500,62500!125000,125000!10
}

# --- check dhcp stat ---

define command {
        command_name my-check_mrtg
        command_line $USER1$/check_mrtg -F $ARG1$ -a $ARG2$ -v $ARG3$ -w $ARG4$ -c $ARG5$
}

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     check dhcp stat
        check_command           my-check_mrtg!/var/www/html/mrtg/dhcp-stat.log!MAX!2!6!8
}
</code>

===== Использование скриптов =====

  * [[https://www.howtoforge.com/tutorial/write-a-custom-nagios-check-plugin/|How to Write a Custom Nagios Check Plugin]]

<code>
# cat /etc/nagios-dhcp-stat.sh
</code><code>
#!/bin/sh

#CMD='rsh router show ip dhcp binding | grep 192.168 | wc -l'
#MAX=9
#CUR=`eval $CMD`

#CMD='/usr/bin/dhcpd-pools -l /var/lib/dhcp/dhcpd.leases -c /etc/dhcp/dhcpd.conf -f c | grep 192.168.X.'
#CMD='/usr/local/bin/dhcpd-pools -l /var/db/dhcpd/dhcpd.leases -c /usr/local/etc/dhcpd.conf -f c | grep 192.168.X.'
#MAX=`eval $CMD | cut -d'"' -f8`
#CUR=`eval $CMD | cut -d'"' -f10`

echo CUR:$CUR MAX:$MAX

test $CUR -eq $MAX && exit 2

exit 0
</code><code>
# cat corpX.cfg
</code><code>
...
define command {
        command_name check_dhcp_stat
        command_line /etc/nagios-dhcp-stat.sh
}

define service{
        use generic-service
        host_name localhost
        service_description check dhcp stat
        check_command check_dhcp_stat
}
</code>

===== Установка Web-интерфейса Nagios =====

  * [[https://www.itstuff.info/linux_unix/install-web-interface-nagvis-for-nagios/|Установка Web-интерфейса NagVis для системы мониторинга Nagios]]

===== Дополнительные материалы =====

==== Использование plugin check_snmp_int ====

=== Установка plugin ===

== Debian/Ubuntu ==
<code>
root@server:~# apt install nagios-snmp-plugins

root@server:~# cd /usr/lib/nagios/plugins
</code>

=== Тестирование plugin ===

По умолчанию значения в KBytes/s

== FreeBSD/Ubuntu ==
<code>
# ./check_snmp_int.pl -H router -C public -n FastEthernet1/0 -k -w 10,10 -c 100,100

# ./check_snmp_int.pl --help
...
-k, --perfcheck ; -q, --extperfcheck
   -k check the input/ouput bandwidth of the interface
   -q also check the error and discard input/output

-w, --warning=input,output[,error in,error out,discard in,discard out]
   warning level for input / output bandwidth (0 for no warning)
     unit depends on B,M,G,u options
   warning for error & discard input / output in error/min (need -q)

-c, --critical=input,output[,error in,error out,discard in,discard out]
   critical level for input / output bandwidth (0 for no critical)
     unit depends on B,M,G,u options
   critical for error & discard input / output in error/min (need -q)
...
</code>

== Ubuntu ==
<code>
# cat /tmp/tmp_Nagios_int.router.FastEthernet1_0

# rm /tmp/tmp_Nagios_int.router.*
</code>

=== Настройка nagios на использование plugin ===

== FreeBSD/Ubuntu ==
<code>
server# cat corpX.cfg
</code><code>
...
define command {
        command_name check_snmp_int_band
        command_line $USER1$/check_snmp_int.pl -H $HOSTADDRESS$ -C $ARG1$ -n $ARG2$ -k -w $ARG3$ -c $ARG4$
}

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     int_if_bandwidth
        check_command check_snmp_int_band!public!FastEthernet1/0!10,10!100,100
}
</code>