Monitoring service status

rocaembole

@rct:

I have setup those checks with Nagios and NRPE.

If it can help someone :

• Install NRPE via System>Packages
• Download the zipfile (http://www.filedropper.com/checkpfsvc). It contains 2 files : "check_pfsvc" which is the nagios plugin used by nrpe to do the services check and "svc" which is a pfSense 2.2 version of the file /etc/phpshellsessions/svc
• Transfer "check_pfsvc" in /usr/pbi/nrpe-amd64/libexec/nagios (it should be another location for 32b installations) and do a chmod 555 on it ; chown it to root and set the group to wheel
• If your pfSense version is <2.2 backup your /etc/phpshellsessions/svc and replace with the file provided in the archive

After that configure NRPE as you need. See nrpev2.png to see how i've configured it.

I can't download the zipfile =(

that link redirects me to filedropper.com

rct

It doesn't work anymore on pfSense 2.2.x and I can't find why. Sorry.

rocaembole

No problem, i need it for a pfSense 2.1-RELEASE

BTW: Anyone knows this package? https://exchange.nagios.org/directory/Plugins/Software/check_squid/details

check_squid

teorically it must be installed on Nagios Server (in my case, is a Ubuntu 14.04)

idk if this works properly because i can't run it. It says

Can't locate Nagios/Plugin.pm in @INC (you may need to install the Nagios::Plugin module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .)Can't locate Nagios/Plugin.pm in @INC (you may need to install the Nagios::Plugin module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .)

I know this isn't a Nagios forum, but just for share the experience

rct

You can find the file attached to this message.

check_pfsvc.zip

rocaembole

@rct:

You can find the file attached to this message.

thanks, [hippie] i love you [/hippie]

rct

For your Nagios issue I think you miss the perl lib that has been written as a "template" for creating nagios plugins (https://exchange.nagios.org/directory/Plugins/*-Plugin-Development-Tools/Nagios-3A-3APlugin/details).

rocaembole

@rct:

For your Nagios issue I think you miss the perl lib that has been written as a "template" for creating nagios plugins (https://exchange.nagios.org/directory/Plugins/*-Plugin-Development-Tools/Nagios-3A-3APlugin/details).

i guess i need some more dependencies because when i run perl Makefile.PL this is what it shows:

Warning: prerequisite Config::Tiny 0 not found.
Warning: prerequisite Math::Calc::Units 0 not found.
Warning: prerequisite Params::Validate 0 not found.
Writing Makefile for Nagios::Plugin
Writing MYMETA.yml and MYMETA.json

i'll take a look to your file and follow your instructions to check squid & squidguard status for my pfsense

Thank you for your attention

rct

No problem! I hope it'll do the trick for you :)

rocaembole

i've done all the configurations on pfsense side

now i'm on my Nagios Server and i don't know how to add this checks on my status monitor

here's my 'pfsense22.cg" file

# A simple configuration file for monitoring the local host
# This can serve as an example for configuring other servers;
# Custom services specific to this host are added here, but services
# defined in nagios2-common_services.cfg may also apply.
# 

define host{
        use                     generic-host            ; Name of host template to use
        host_name               pfsense22
        alias                   virtualprana
        address                 10.0.0.22
        }

# Define a service to check the disk space of the root partition
# on the local machine.  Warning if < 20% free, critical if
# < 10% free space on partition.

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       pfsense22
        service_description             Disk Space
        check_command                   check_all_disks!20%!10%
        }

# Define a service to check the number of currently logged in
# users on the local machine.  Warning if > 20 users, critical
# if > 50 users.

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       pfsense22
        service_description             Current Users
        check_command                   check_users!20!50
        }

# Define a service to check the number of currently running procs
# on the local machine.  Warning if > 250 processes, critical if
# > 400 processes.

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       pfsense22
        service_description             Total Processes
		check_command                   check_procs!250!400
	}

# Define a service to check the load on the local machine. 

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       pfsense22
        service_description             Current Load
		check_command                   check_load!5.0!4.0!3.0!10.0!6.0!4.0
        }

define service{
	use				generic-service
	host_name			pfsense22
	service_description		Current Load
		check_command		check_nrpe
}

# Define a service to check squid status

rct

You can add the following to your file according you have setup a command named "check_squid_svc" in the NRPE package.

define service {
        use                            generic-service
        host_name                      pfsense22
        service_description            Squid service
        check_command                  check_nrpe!check_squid_svc
}

rocaembole

thanks!

it shows me an UNKNOWN state

details:

Current Status:	
  UNKNOWN  
 (for 0d 0h 25m 45s)
Status Information:	(No output returned from plugin)
NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
Version: 2.15
Last Modified: 09-06-2013
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
\nUsage: check_nrpe -H <host>[ -b <bindaddr>] [-4] [-6] [-n] [-u] [-p <port>] [-t <timeout>] [-c <command></command>] [-a <arglist...>]
\nOptions:
-h = Print this short help.
-l = Print licensing information.
-n = Do no use SSL
-u = Make socket timeouts return an UNKNOWN state instead of CRITICAL
 <host>= The address of the host running the NRPE daemon
 <bindaddr>= bind to local address
-4 = user ipv4 only
-6 = user ipv6 only
[port] = The port on which the daemon is running (default=5666)
[timeout] = Number of seconds before connection times out (default=10)
[command] = The name of the command that the remote daemon should run
[arglist] = Optional arguments that should be passed to the command. Multiple
arguments should be separated by a space. If provided, this must be
the last option supplied on the command line.
\nNote:
This plugin requires that you have the NRPE daemon running on the remote host.
You must also have configured the daemon to associate a specific plugin command
with the [command] option you are specifying here. Upon receipt of the
[command] argument, the NRPE daemon will run the appropriate plugin command and
send the plugin output and return code back to *this* plugin. This allows you
to execute plugins on remote hosts and 'fake' the results to make Nagios think
the plugin is being run locally.
\n
Performance Data:	
Current Attempt:	4/4  (HARD state)
Last Check Time:	2015-06-18 12:50:08
Check Type:	ACTIVE
Check Latency / Duration:	0.085 / 0.005 seconds
Next Scheduled Check:  	2015-06-18 12:55:08
Last State Change:	2015-06-18 12:27:08
Last Notification:	2015-06-18 12:30:13 (notification 1)
Is This Service Flapping?	
  NO  
 (5.72% state change)
In Scheduled Downtime?	
  NO  
Last Update:	2015-06-18 12:52:53  ( 0d 0h 0m 0s ago)
Active Checks:	
  ENABLED  
Passive Checks:	
  ENABLED  
Obsessing:	
  ENABLED  
Notifications:	
  ENABLED  
Event Handler:	
  ENABLED  
Flap Detection:	
  ENABLED</bindaddr></host></arglist...></timeout></port></bindaddr></host> 

rocaembole

NOW IS WORKING

TY V M

I'll nat some ports from some clients now.

Thanks for all, again

rct

Ok glad it works for you  :)

ymolinet

Hi,

I'm trying to use your script on my pfsense 2.2.6.
In shell, it's working.
in nrpe, my remote server give me : Could not read output.
Another check on the pfsense using nrpe (check_load, …) are working as fine.

Any suggestions to fix this issue ?

Thanks,
Yannick

rct

No sorry I've had the same problem when I have upgraded my pfSense and I haven't found a way to resolve this issue. :(

ymolinet

a short test with a bash script works as fine.
so it seems that the nagios account use by nrpe don't have rights to execute the php interpreter (/usr/local/bin/php).

rct

I agree it seems to be a security constraint somewhere but I don't know Freebsd and I haven't found why…

If you try to launch
su -m nagios -c "/usr/pbi/nrpe-amd64/libexec/nagios/check_pfsvc squid"
it will work.

But if you launch it throught the nrpe daemon it won't work.
If edit the file to write dumb content (echo 'ok'; exit(0);) it will work.

From my tests it's the call to '/usr/local/sbin/pfSsh.php' that is blocked.

I've tried to launch /usr/local/sbin/pfSsh.php via a shell script configured as a nrpe command and it returns the error code 127 (http://tldp.org/LDP/abs/html/exitcodes.html ?).

I don't know how to debug further...

ymolinet

Yes, I have rewrite the script in shell and I have an error about "/usr/local/sbin/pfSsh.php not found".
so the user nagios has no sufficent right to invoke this command.

rct

If you call your script
sudo -m nagios -c "/path/to/your/script"
I think it will work so it's more like if the nrpe service has not access to this file (may be it is jailed or there something else).

ymolinet

I think nagios account is jailed.