====== Сервис Nagios ======
* [[https://www.nagios.org/|Nagios Open Source]]
===== Базовая конфигурация =====
==== Установка ====
=== Debian10/Ubuntu20 ===
* Рекомендуется настроить [[Сервис MTA]] и установить [[UA mail]] (не обязательно), иначе поставит exim4 как зависимость
* [[Сервис HTTP#Установка и запуск сервера Apache]]
# a2enmod auth_digest
# a2enmod authz_groupfile
# a2enmod cgid
# systemctl restart apache2
# apt install nagios4
==== Настройка объектов мониторинга ====
* [[https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/3/en/dependencies.html|Host and Service Dependencies]]
* [[https://www.zarrelli.org/blog/nagios-notification-escalations-made-easy/comment-page-1/|Nagios notification escalations made easy]]
server# /usr/lib/nagios/plugins/check_http -H yandex.ru -S
server# less /etc/nagios-plugins/config/http.cfg
server# cat /etc/nagios4/conf.d/corpX.cfg
define host{
use generic-host
name my-templ-host
register 0
max_check_attempts 1
notification_interval 1440
check_command check-host-alive_4
# mail send to user nagios
contacts nagiosadmin
}
define service{
use generic-service
register 0
name my-templ-service-https
service_description www
check_command check_https_4
check_interval 5
retry_interval 1
notification_interval 1440
}
define service{
use generic-service
register 0
name my-templ-service-ping
service_description ping
check_command check_ping_4!100.0,20%!500.0,60%
check_interval 5
retry_interval 1
notification_interval 1440
}
#---------------------------------
define host{
use my-templ-host
host_name yandex
address yandex.ru
}
define service{
use my-templ-service-https
host_name yandex
}
define host{
use my-templ-host
host_name val-bmstu
address val.bmstu.ru
}
define service{
use my-templ-service-https
check_command check_http_4
host_name val-bmstu
}
#---------------------------------
define host{
use my-templ-host
host_name switch1
address switch1
}
define service{
use my-templ-service-ping
host_name switch1
}
define host{
use my-templ-host
host_name switch2
address switch2
}
define service{
use my-templ-service-ping
host_name switch2
}
define host{
use my-templ-host
host_name switch3
address switch3
}
define service{
use my-templ-service-ping
host_name switch3
}
#--- For next labs ---
define host{
use my-templ-host
host_name cisco-router
alias Cisco 7200
address router
}
==== Тестирование конфигурации и запуск ====
* [[http://192.168.X.10/nagios4/]]
root@server:~# nagios4 -v /etc/nagios4/nagios.cfg
root@server:~# service nagios4 restart
===== Запуск plugins на других хостах =====
root# sudo -u nagios sh
* [[Сервис SSH#Настройка ssh клиента]]
* [[Сервис SSH#Аутентификация с использованием ключей ssh]]
nagios$ cat .ssh/id_rsa.pub
...
nagios$ cat .ssh/config
...
nagios$ /usr/local/libexec/nagios/check_by_ssh -H server2 -C "/usr/lib/nagios/plugins/check_disk -w '10' -c '20' -e -p '/'"
server# cat corpX.cfg
define host{
use my-templ-host
host_name server2
address server2
}
define service{
use generic-service
host_name server2
}
define command{
command_name ssh_disk_linux
command_line $USER1$/check_by_ssh -H '$HOSTADDRESS$' -C "/usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$'"
}
define service{
use generic-service
service_description disk
host_name server2
check_command ssh_disk_bsd_linux!20%!10%!/
}
===== Использование plugin check_snmp =====
[[https://www.nagios-plugins.org/doc/man/check_snmp.html]]
==== Тестирование plugin ====
shell> snmpwalk -c public -v2c router ifDescr
# mkdir /usr/var
# /usr/lib/nagios/plugins/check_snmp -H router -C public -o ifInOctets.5,ifOutOctets.5 --rate -w 62500,62500 -c 125000,125000
# chown -R nagios:nagios /usr/var/
==== Настройка nagios на использование check_snmp ====
server# cat corpX.cfg
...
define command {
command_name check_snmp_band
command_line $USER1$/check_snmp --rate -H $HOSTADDRESS$ -C $ARG1$ -o $ARG2$ -w $ARG3$ -c $ARG4$
}
define service{
use generic-service
host_name cisco-router
service_description int LAN bandwidth SNMP
flap_detection_enabled 0
check_command check_snmp_band!public!ifInOctets.2,ifOutOctets.2!62500,62500!125000,125000
# check_command check_snmp_band!public!ifInOctets.5,ifOutOctets.5!62500,62500!125000,125000
}
===== Интеграция с MRTG =====
* [[https://www.monitoring-plugins.org/doc/man/check_mrtg.html|The check_mrtg Plugin]]
* [[https://www.monitoring-plugins.org/doc/man/check_mrtgtraf.html|The check_mrtgtraf Plugin]]
server# /usr/lib/nagios/plugins/check_mrtgtraf -F /var/www/html/mrtg/router_fa0_0.log -a MAX -w 125000,125000 -c 62500,62500 -e 10
server# less /etc/nagios4/objects/commands.cfg
server# /usr/lib/nagios/plugins/check_mrtg -F /var/www/html/mrtg/dhcp-stat.log -a MAX -v 2 -w 6 -c 8
server# cat corpX.cfg
...
# --- int WAN bandwidth MRTG ---
define service{
use generic-service
host_name cisco-router
service_description int WAN bandwidth MRTG
flap_detection_enabled 0
check_command check_local_mrtgtraf!/var/www/html/mrtg/router_fa0_0.log!AVG!62500,62500!125000,125000!10
}
# --- check dhcp stat ---
define command {
command_name my-check_mrtg
command_line $USER1$/check_mrtg -F $ARG1$ -a $ARG2$ -v $ARG3$ -w $ARG4$ -c $ARG5$
}
define service{
use generic-service
host_name cisco-router
service_description check dhcp stat
check_command my-check_mrtg!/var/www/html/mrtg/dhcp-stat.log!MAX!2!6!8
}
===== Использование скриптов =====
* [[https://www.howtoforge.com/tutorial/write-a-custom-nagios-check-plugin/|How to Write a Custom Nagios Check Plugin]]
# cat /etc/nagios-dhcp-stat.sh
#!/bin/sh
#CMD='rsh router show ip dhcp binding | grep 192.168 | wc -l'
#MAX=9
#CUR=`eval $CMD`
#CMD='/usr/bin/dhcpd-pools -l /var/lib/dhcp/dhcpd.leases -c /etc/dhcp/dhcpd.conf -f c | grep 192.168.X.'
#CMD='/usr/local/bin/dhcpd-pools -l /var/db/dhcpd/dhcpd.leases -c /usr/local/etc/dhcpd.conf -f c | grep 192.168.X.'
#MAX=`eval $CMD | cut -d'"' -f8`
#CUR=`eval $CMD | cut -d'"' -f10`
echo CUR:$CUR MAX:$MAX
test $CUR -eq $MAX && exit 2
exit 0
# cat corpX.cfg
...
define command {
command_name check_dhcp_stat
command_line /etc/nagios-dhcp-stat.sh
}
define service{
use generic-service
host_name localhost
service_description check dhcp stat
check_command check_dhcp_stat
}
===== Установка Web-интерфейса Nagios =====
* [[https://www.itstuff.info/linux_unix/install-web-interface-nagvis-for-nagios/|Установка Web-интерфейса NagVis для системы мониторинга Nagios]]
===== Дополнительные материалы =====
==== Использование plugin check_snmp_int ====
=== Установка plugin ===
== Debian/Ubuntu ==
root@server:~# apt install nagios-snmp-plugins
root@server:~# cd /usr/lib/nagios/plugins
=== Тестирование plugin ===
По умолчанию значения в KBytes/s
== FreeBSD/Ubuntu ==
# ./check_snmp_int.pl -H router -C public -n FastEthernet1/0 -k -w 10,10 -c 100,100
# ./check_snmp_int.pl --help
...
-k, --perfcheck ; -q, --extperfcheck
-k check the input/ouput bandwidth of the interface
-q also check the error and discard input/output
-w, --warning=input,output[,error in,error out,discard in,discard out]
warning level for input / output bandwidth (0 for no warning)
unit depends on B,M,G,u options
warning for error & discard input / output in error/min (need -q)
-c, --critical=input,output[,error in,error out,discard in,discard out]
critical level for input / output bandwidth (0 for no critical)
unit depends on B,M,G,u options
critical for error & discard input / output in error/min (need -q)
...
== Ubuntu ==
# cat /tmp/tmp_Nagios_int.router.FastEthernet1_0
# rm /tmp/tmp_Nagios_int.router.*
=== Настройка nagios на использование plugin ===
== FreeBSD/Ubuntu ==
server# cat corpX.cfg
...
define command {
command_name check_snmp_int_band
command_line $USER1$/check_snmp_int.pl -H $HOSTADDRESS$ -C $ARG1$ -n $ARG2$ -k -w $ARG3$ -c $ARG4$
}
define service{
use generic-service
host_name cisco-router
service_description int_if_bandwidth
check_command check_snmp_int_band!public!FastEthernet1/0!10,10!100,100
}