Monitoring service status
-
No idea? I think it's a modification on rights or in the nrpe plugin but I can't find it.
-
@rct:
I have setup those checks with Nagios and NRPE.
If it can help someone :
- Install NRPE via System>Packages
- Download the zipfile (http://www.filedropper.com/checkpfsvc). It contains 2 files : "check_pfsvc" which is the nagios plugin used by nrpe to do the services check and "svc" which is a pfSense 2.2 version of the file /etc/phpshellsessions/svc
- Transfer "check_pfsvc" in /usr/pbi/nrpe-amd64/libexec/nagios (it should be another location for 32b installations) and do a chmod 555 on it ; chown it to root and set the group to wheel
- If your pfSense version is <2.2 backup your /etc/phpshellsessions/svc and replace with the file provided in the archive
After that configure NRPE as you need. See nrpev2.png to see how i've configured it.
I can't download the zipfile =(
that link redirects me to filedropper.com
-
It doesn't work anymore on pfSense 2.2.x and I can't find why. Sorry.
-
No problem, i need it for a pfSense 2.1-RELEASE
BTW: Anyone knows this package? https://exchange.nagios.org/directory/Plugins/Software/check_squid/details
check_squid
teorically it must be installed on Nagios Server (in my case, is a Ubuntu 14.04)
idk if this works properly because i can't run it. It says
Can't locate Nagios/Plugin.pm in @INC (you may need to install the Nagios::Plugin module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .)Can't locate Nagios/Plugin.pm in @INC (you may need to install the Nagios::Plugin module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .)
I know this isn't a Nagios forum, but just for share the experience
-
You can find the file attached to this message.
-
-
For your Nagios issue I think you miss the perl lib that has been written as a "template" for creating nagios plugins (https://exchange.nagios.org/directory/Plugins/*-Plugin-Development-Tools/Nagios-3A-3APlugin/details).
-
@rct:
For your Nagios issue I think you miss the perl lib that has been written as a "template" for creating nagios plugins (https://exchange.nagios.org/directory/Plugins/*-Plugin-Development-Tools/Nagios-3A-3APlugin/details).
i guess i need some more dependencies because when i run perl Makefile.PL this is what it shows:
Warning: prerequisite Config::Tiny 0 not found. Warning: prerequisite Math::Calc::Units 0 not found. Warning: prerequisite Params::Validate 0 not found. Writing Makefile for Nagios::Plugin Writing MYMETA.yml and MYMETA.jsoni'll take a look to your file and follow your instructions to check squid & squidguard status for my pfsense
Thank you for your attention
-
No problem! I hope it'll do the trick for you :)
-
i've done all the configurations on pfsense side
now i'm on my Nagios Server and i don't know how to add this checks on my status monitor
here's my 'pfsense22.cg" file
# A simple configuration file for monitoring the local host # This can serve as an example for configuring other servers; # Custom services specific to this host are added here, but services # defined in nagios2-common_services.cfg may also apply. # define host{ use generic-host ; Name of host template to use host_name pfsense22 alias virtualprana address 10.0.0.22 } # Define a service to check the disk space of the root partition # on the local machine. Warning if < 20% free, critical if # < 10% free space on partition. define service{ use generic-service ; Name of service template to use host_name pfsense22 service_description Disk Space check_command check_all_disks!20%!10% } # Define a service to check the number of currently logged in # users on the local machine. Warning if > 20 users, critical # if > 50 users. define service{ use generic-service ; Name of service template to use host_name pfsense22 service_description Current Users check_command check_users!20!50 } # Define a service to check the number of currently running procs # on the local machine. Warning if > 250 processes, critical if # > 400 processes. define service{ use generic-service ; Name of service template to use host_name pfsense22 service_description Total Processes check_command check_procs!250!400 } # Define a service to check the load on the local machine. define service{ use generic-service ; Name of service template to use host_name pfsense22 service_description Current Load check_command check_load!5.0!4.0!3.0!10.0!6.0!4.0 } define service{ use generic-service host_name pfsense22 service_description Current Load check_command check_nrpe } # Define a service to check squid status -
You can add the following to your file according you have setup a command named "check_squid_svc" in the NRPE package.
define service {
use generic-service
host_name pfsense22
service_description Squid service
check_command check_nrpe!check_squid_svc
} -
thanks!
it shows me an UNKNOWN state
details:
Current Status: UNKNOWN (for 0d 0h 25m 45s) Status Information: (No output returned from plugin) NRPE Plugin for Nagios Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org) Version: 2.15 Last Modified: 09-06-2013 License: GPL v2 with exemptions (-l for more info) SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required \nUsage: check_nrpe -H <host>[ -b <bindaddr>] [-4] [-6] [-n] [-u] [-p <port>] [-t <timeout>] [-c <command></command>] [-a <arglist...>] \nOptions: -h = Print this short help. -l = Print licensing information. -n = Do no use SSL -u = Make socket timeouts return an UNKNOWN state instead of CRITICAL <host>= The address of the host running the NRPE daemon <bindaddr>= bind to local address -4 = user ipv4 only -6 = user ipv6 only [port] = The port on which the daemon is running (default=5666) [timeout] = Number of seconds before connection times out (default=10) [command] = The name of the command that the remote daemon should run [arglist] = Optional arguments that should be passed to the command. Multiple arguments should be separated by a space. If provided, this must be the last option supplied on the command line. \nNote: This plugin requires that you have the NRPE daemon running on the remote host. You must also have configured the daemon to associate a specific plugin command with the [command] option you are specifying here. Upon receipt of the [command] argument, the NRPE daemon will run the appropriate plugin command and send the plugin output and return code back to *this* plugin. This allows you to execute plugins on remote hosts and 'fake' the results to make Nagios think the plugin is being run locally. \n Performance Data: Current Attempt: 4/4 (HARD state) Last Check Time: 2015-06-18 12:50:08 Check Type: ACTIVE Check Latency / Duration: 0.085 / 0.005 seconds Next Scheduled Check: 2015-06-18 12:55:08 Last State Change: 2015-06-18 12:27:08 Last Notification: 2015-06-18 12:30:13 (notification 1) Is This Service Flapping? NO (5.72% state change) In Scheduled Downtime? NO Last Update: 2015-06-18 12:52:53 ( 0d 0h 0m 0s ago) Active Checks: ENABLED Passive Checks: ENABLED Obsessing: ENABLED Notifications: ENABLED Event Handler: ENABLED Flap Detection: ENABLED</bindaddr></host></arglist...></timeout></port></bindaddr></host> -
NOW IS WORKING
TY V M
I'll nat some ports from some clients now.
Thanks for all, again
-
Ok glad it works for you :)
-
Hi,
I'm trying to use your script on my pfsense 2.2.6.
In shell, it's working.
in nrpe, my remote server give me : Could not read output.
Another check on the pfsense using nrpe (check_load, …) are working as fine.Any suggestions to fix this issue ?
Thanks,
Yannick -
No sorry I've had the same problem when I have upgraded my pfSense and I haven't found a way to resolve this issue. :(
-
a short test with a bash script works as fine.
so it seems that the nagios account use by nrpe don't have rights to execute the php interpreter (/usr/local/bin/php). -
I agree it seems to be a security constraint somewhere but I don't know Freebsd and I haven't found why…
If you try to launch
su -m nagios -c "/usr/pbi/nrpe-amd64/libexec/nagios/check_pfsvc squid"
it will work.But if you launch it throught the nrpe daemon it won't work.
If edit the file to write dumb content (echo 'ok'; exit(0);) it will work.From my tests it's the call to '/usr/local/sbin/pfSsh.php' that is blocked.
I've tried to launch /usr/local/sbin/pfSsh.php via a shell script configured as a nrpe command and it returns the error code 127 (http://tldp.org/LDP/abs/html/exitcodes.html ?).
I don't know how to debug further...
-
Yes, I have rewrite the script in shell and I have an error about "/usr/local/sbin/pfSsh.php not found".
so the user nagios has no sufficent right to invoke this command. -
If you call your script
sudo -m nagios -c "/path/to/your/script"
I think it will work so it's more like if the nrpe service has not access to this file (may be it is jailed or there something else).