Table of Contents

Сервис Nagios

Базовая конфигурация

Установка

Debian10/Ubuntu20

# a2enmod auth_digest

# a2enmod authz_groupfile

# a2enmod cgid

# systemctl restart apache2

# apt install nagios4

Настройка объектов мониторинга

server# /usr/lib/nagios/plugins/check_http -H yandex.ru -S

server# less /etc/nagios-plugins/config/http.cfg
server# cat /etc/nagios4/conf.d/corpX.cfg
define host{
        use                     generic-host
        name                    my-templ-host
        register                0

        max_check_attempts      1
        notification_interval   1440
        check_command           check-host-alive_4

        # mail send to user nagios
        contacts                nagiosadmin
}

define service{
        use                     generic-service
        register                0
        name                    my-templ-service-https
        service_description     www
        check_command           check_https_4
        check_interval          5
        retry_interval          1
        notification_interval   1440
}

define service{
        use                     generic-service
        register                0
        name                    my-templ-service-ping
        service_description     ping
        check_command           check_ping_4!100.0,20%!500.0,60%
        check_interval          5
        retry_interval          1
        notification_interval   1440
}

#---------------------------------

define host{
        use                     my-templ-host
        host_name               yandex
        address                 yandex.ru
}

define service{
        use                     my-templ-service-https
        host_name               yandex
}

define host{
        use                     my-templ-host
        host_name               val-bmstu
        address                 val.bmstu.ru
}

define service{
        use                     my-templ-service-https
        check_command           check_http_4
        host_name               val-bmstu
}


#---------------------------------

define host{
        use                     my-templ-host
        host_name               switch1
        address                 switch1
}

define service{
        use                     my-templ-service-ping
        host_name               switch1
}

define host{
        use                     my-templ-host
        host_name               switch2
        address                 switch2
}

define service{
        use                     my-templ-service-ping
        host_name               switch2
}

define host{
        use                     my-templ-host
        host_name               switch3
        address                 switch3
}

define service{
        use                     my-templ-service-ping
        host_name               switch3
}

#--- For next labs ---

define host{
        use             my-templ-host
        host_name       cisco-router
        alias           Cisco 7200
        address         router
}

Тестирование конфигурации и запуск

root@server:~# nagios4 -v /etc/nagios4/nagios.cfg

root@server:~# service nagios4 restart

Запуск plugins на других хостах

root# sudo -u nagios sh
nagios$ cat .ssh/id_rsa.pub
...

nagios$ cat .ssh/config
...

nagios$ /usr/local/libexec/nagios/check_by_ssh -H server2 -C "/usr/lib/nagios/plugins/check_disk -w '10' -c '20' -e -p '/'"

server# cat corpX.cfg
define host{
        use                     my-templ-host
        host_name               server2
        address                 server2
}

define service{
        use                     generic-service
        host_name               server2
}

define command{
        command_name    ssh_disk_linux
        command_line    $USER1$/check_by_ssh -H '$HOSTADDRESS$' -C "/usr/lib/nagios/plugins/check_disk -w '$ARG1$' -c '$ARG2$' -e -p '$ARG3$'"
}

define service{
        use                     generic-service
        service_description     disk
        host_name               server2
        check_command           ssh_disk_bsd_linux!20%!10%!/
}

Использование plugin check_snmp

https://www.nagios-plugins.org/doc/man/check_snmp.html

Тестирование plugin

shell> snmpwalk -c public -v2c router ifDescr
# mkdir /usr/var

# /usr/lib/nagios/plugins/check_snmp -H router -C public -o ifInOctets.5,ifOutOctets.5 --rate -w 62500,62500 -c 125000,125000

# chown -R nagios:nagios /usr/var/

Настройка nagios на использование check_snmp

server# cat corpX.cfg
...
define command {
        command_name check_snmp_band
        command_line $USER1$/check_snmp --rate -H $HOSTADDRESS$ -C $ARG1$ -o $ARG2$ -w $ARG3$ -c $ARG4$
}

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     int LAN bandwidth SNMP
        flap_detection_enabled  0
        check_command check_snmp_band!public!ifInOctets.2,ifOutOctets.2!62500,62500!125000,125000
#        check_command check_snmp_band!public!ifInOctets.5,ifOutOctets.5!62500,62500!125000,125000
}

Интеграция с MRTG

server# /usr/lib/nagios/plugins/check_mrtgtraf -F /var/www/html/mrtg/router_fa0_0.log -a MAX -w 125000,125000 -c 62500,62500 -e 10

server# less /etc/nagios4/objects/commands.cfg

server# /usr/lib/nagios/plugins/check_mrtg -F /var/www/html/mrtg/dhcp-stat.log -a MAX -v 2 -w 6 -c 8

server# cat corpX.cfg
...

# --- int WAN bandwidth MRTG ---

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     int WAN bandwidth MRTG
        flap_detection_enabled  0
        check_command check_local_mrtgtraf!/var/www/html/mrtg/router_fa0_0.log!AVG!62500,62500!125000,125000!10
}

# --- check dhcp stat ---

define command {
        command_name my-check_mrtg
        command_line $USER1$/check_mrtg -F $ARG1$ -a $ARG2$ -v $ARG3$ -w $ARG4$ -c $ARG5$
}

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     check dhcp stat
        check_command           my-check_mrtg!/var/www/html/mrtg/dhcp-stat.log!MAX!2!6!8
}

Использование скриптов

# cat /etc/nagios-dhcp-stat.sh
#!/bin/sh

#CMD='rsh router show ip dhcp binding | grep 192.168 | wc -l'
#MAX=9
#CUR=`eval $CMD`

#CMD='/usr/bin/dhcpd-pools -l /var/lib/dhcp/dhcpd.leases -c /etc/dhcp/dhcpd.conf -f c | grep 192.168.X.'
#CMD='/usr/local/bin/dhcpd-pools -l /var/db/dhcpd/dhcpd.leases -c /usr/local/etc/dhcpd.conf -f c | grep 192.168.X.'
#MAX=`eval $CMD | cut -d'"' -f8`
#CUR=`eval $CMD | cut -d'"' -f10`

echo CUR:$CUR MAX:$MAX

test $CUR -eq $MAX && exit 2

exit 0
# cat corpX.cfg
...
define command {
        command_name check_dhcp_stat
        command_line /etc/nagios-dhcp-stat.sh
}

define service{
        use generic-service
        host_name localhost
        service_description check dhcp stat
        check_command check_dhcp_stat
}

Установка Web-интерфейса Nagios

Дополнительные материалы

Использование plugin check_snmp_int

Установка plugin

Debian/Ubuntu
root@server:~# apt install nagios-snmp-plugins

root@server:~# cd /usr/lib/nagios/plugins

Тестирование plugin

По умолчанию значения в KBytes/s

FreeBSD/Ubuntu
# ./check_snmp_int.pl -H router -C public -n FastEthernet1/0 -k -w 10,10 -c 100,100

# ./check_snmp_int.pl --help
...
-k, --perfcheck ; -q, --extperfcheck
   -k check the input/ouput bandwidth of the interface
   -q also check the error and discard input/output

-w, --warning=input,output[,error in,error out,discard in,discard out]
   warning level for input / output bandwidth (0 for no warning)
     unit depends on B,M,G,u options
   warning for error & discard input / output in error/min (need -q)

-c, --critical=input,output[,error in,error out,discard in,discard out]
   critical level for input / output bandwidth (0 for no critical)
     unit depends on B,M,G,u options
   critical for error & discard input / output in error/min (need -q)
...
Ubuntu
# cat /tmp/tmp_Nagios_int.router.FastEthernet1_0

# rm /tmp/tmp_Nagios_int.router.*

Настройка nagios на использование plugin

FreeBSD/Ubuntu
server# cat corpX.cfg
...
define command {
        command_name check_snmp_int_band
        command_line $USER1$/check_snmp_int.pl -H $HOSTADDRESS$ -C $ARG1$ -n $ARG2$ -k -w $ARG3$ -c $ARG4$
}

define service{
        use                     generic-service
        host_name               cisco-router
        service_description     int_if_bandwidth
        check_command check_snmp_int_band!public!FastEthernet1/0!10,10!100,100
}