Pfsense Nagios Monitoring SNMP/NRPE help!

hardingnick

Trying to monitor my Pfsense box with my nagios server but ide like to do this over SNMP and not NRPE,

Does anyone know the OID's for…

• CPU Temp/System Temp
• GEOM Mirror Status?

I have ran many checks against the system but cannot find anything helpful?

Currently have it monitoring DHCP Server, DNS Server, LAN & WAN connections, and PING.

Thanks all!

hardingnick

Still having a nightmare with this guys. Simply cannot find a way to monitor Temp, RAM thats free to use, or GEOM mirror status with nagios. Any input would be greatly appreciated!

tim.mcmanus

You were on the right path doing an SNMP walk to find the correct OIDs.

pfSense uses Net-SNMP and what it can capture varies from platform to platform.  The differences come from the SNMP implementation in each platform.  Meaning, if Net-SNMP on FreeBSD does not capture those metrics, they won't be available.  Complicating things are the variations in hardware platforms–does the hardware allow for those metrics to be captured.

hardingnick

Hi Tim, very grateful for your reply!

After spending a good few hours looking through the output of snmpwalk there was only a couple of things i found handy, so for the others im having to revert to NRPE..

• GEOM Mirror Status
• System RAM/Memory used
• System Temp

The problem i am now faced with is i am having great difficulty installing plugins in the /usr/local/libexec/nagios/ directory on the pfsense box. When i feel they are installed correctly i find that when i run ./someplugin –help it says the plugin does not exist, or just returns me a blank line. I am also wondering why some of the plugins have a "*" next to them and some have a "@"? ...

[2.3.4-RELEASE][admin@pfSense.hardinghome]/usr/local/libexec/nagios: ./ch
check_apt*          check_http*        check_nntps@        check_sensors*
check_breeze*      check_icmp*        check_nrpe2*        check_simap@
check_by_ssh*      check_ifoperstatus* check_nt*          check_smtp*
check_clamd@        check_ifstatus*    check_ntp*          check_spop@
check_cluster*      check_imap@        check_ntp_peer*    check_ssh*
check_dhcp*        check_ircd*        check_ntp_time*    check_ssmtp@
check_dig*          check_jabber@      check_nwstat*      check_swap*
check_disk*        check_load*        check_oracle*      check_tcp*
check_disk_smb*    check_log*          check_overcr*      check_time*
check_dummy*        check_mailq*        check_ping*        check_udp@
check_file_age*    check_mrtg*        check_pop@          check_ups*
check_flexlm*      check_mrtgtraf*    check_procs*        check_users*
check_ftp@          check_nagios*      check_real*        check_wave*
check_geom.sh*      check_nntp@        check_rpc*

As you can see my "check_geom.sh" plugin is there, which i took from here - https://exchange.nagios.org/directory/Plugins/Operating-Systems/BSD/FreeBSD/check_geom-2Esh/details  but when i try to run it manually from terminal i get..

[2.3.4-RELEASE][admin@pfSense.hardinghome]/usr/local/libexec/nagios: ./check_geom.sh
[2.3.4-RELEASE][admin@pfSense.hardinghome]/usr/local/libexec/nagios:

Just a blank line? Thank you for being patient with me, i am a complete newbie to freeBSD but am very familiar with Ubuntu server. (which nagios is hosted on)

tim.mcmanus

I'm out of my element helping with nagios.  I monitored using OpenNMS, which uses SNMP and is agentless.

pfSense is based on FreeBSD, but the pfSense developers make additional changes to the code to optimize it for their needs.  So there may be some limitation in the net-snmp implementation (I am speculating and this may not be an accurate statement).

Your best bet is to ask these questions at the FreeBSD forums.  More than likely someone else over there has solved these issues.  Sorry I couldn't be more help.

hardingnick

Thanks for the input Tim, if i do make any progress i will be sure to report it back here!

hardingnick

Joined the FreeBSD forum, put a post up, went missing within 5 mins, messaged Admin to ask where its gone and got this response..

It was held for moderation. And I deleted it because it was not allowed.

PC-BSD, FreeNAS, NAS4Free, and all other FreeBSD Derivatives

Fuck sake.

hardingnick

Got there in the end! Usable Ram is done with a minus statement so when theres 2gb usable left throw a warning and when theres 1 gb left throw a critical.

CPU temp seems to be the same accross all 4 cores so only monitoring 1, warning at 35 and critical at 45.

chrcoluk

would really appreciate info of the OID's etc. as information related to monitoring pfsense is really lacking on these forums.

I doubt noone monitors their pfsense units, it just seems to be info not readily spared.

All I have managed so far on pfsense is the standard snmp stuff like interface stats and cpu usage.

But I would love things like temps, ups stats, and packet filter stats.

The plan is I will make scripts that run on pfsense to fetch the data, then add to snmp via 'extends' function.

hardingnick

@chrcoluk:

would really appreciate info of the OID's etc. as information related to monitoring pfsense is really lacking on these forums.

I doubt noone monitors their pfsense units, it just seems to be info not readily spared.

All I have managed so far on pfsense is the standard snmp stuff like interface stats and cpu usage.

But I would love things like temps, ups stats, and packet filter stats.

The plan is I will make scripts that run on pfsense to fetch the data, then add to snmp via 'extends' function.

Hi mate, i will provide my Nagios conf and pfsense nrpe conf, hope this helps…

Host File…

##################

HOST DEFINITIONS

##################

define host{
        use            generic-switch
        host_name      Pfsense
        alias          Pfsense
        address        172.16.7.100
        hostgroups      switches
        }

########################

HOST GROUP DEFINITIONS

########################

define hostgroup{
        hostgroup_name  routers
        alias          Network Switches
        }

#####################

SERVICE DEFINITIONS

#####################

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    PING
        check_command          check_ping!200.0,20%!600.0,60%
        normal_check_interval  2
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    DHCP Server
        check_command          check_dhcp!enp2s0
        normal_check_interval  2
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    DNS Server
        check_command          check_dns!www.google.co.uk!172.217.23.3
        normal_check_interval  2
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    LAN
        check_command          check_snmp_int!igb0! -C public
        normal_check_interval  2
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    WAN
        check_command          check_snmp_int!igb1! -C public
        normal_check_interval  2
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    Current Load
        check_command          check_nrpe!check_load
        normal_check_interval  2
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    GEOM Mirror
        check_command          check_nrpe!check_gmirror.sh
        normal_check_interval  2
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    CPU Temperature
        check_command          check_nrpe!check_cputemp.sh
        normal_check_interval  1
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    Swap Usage
        check_command          check_nrpe!check_swap
        normal_check_interval  1
        retry_check_interval    1
        }

define service{
        use                    generic-service
        host_name              Pfsense
        service_description    Unused RAM
        check_command          check_snmp!.1.3.6.1.4.1.2021.4.6.0!2000000:!1000000:
        normal_check_interval  2
        retry_check_interval    1
        }

Pfsense nrpe.cfg

log_facility=daemon
pid_file=/var/run/nrpe2.pid
server_port=5666
nrpe_user=nagios
nrpe_group=nagios
allowed_hosts=172.16.7.1
dont_blame_nrpe=1
debug=0
command_timeout=60
connection_timeout=300
command[check_users]=/usr/local/libexec/nagios/check_users -w 5 -c 10
command[check_load]=/usr/local/libexec/nagios/check_load -w 15,10,5 -c 30,25,20
command[check_root]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /
command[check_var]=/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /var/run
command[check_zombie_procs]=/usr/local/libexec/nagios/check_procs -w 5 -c 10 -s Z
command[check_swap]=/usr/local/libexec/nagios/check_swap -w 30% -c 20%
command[check_gmirror.sh]=/usr/local/libexec/nagios/check_gmirror.sh
command[check_cputemp.sh]=/usr/local/libexec/nagios/check_cputemp.sh 1 35 45
server_address=172.16.7.100

unixsamurai

I know this is an old thread, but I'd really like to see the contents of the "check_cputemp.sh" file for pfsense.