Monitoring service status



  • Hello,

    I would like to monitor services status with our Nagios/NRPE but I wonder which command launch to check, let's say, the captive portal.

    Does somebody knows how?


  • Rebel Alliance Developer Netgate

    If you can run a command line check, use:

    pfSsh.php playback svc status captiveportal 
    

    For example:

    : pfSsh.php playback svc status captiveportal thiszone
    
    Starting the pfSense developer shell....
    
    Service captiveportal is running.
    
    


  • Thanks for the reply!

    I don't know why but if launch the command I don't have the status.

    Example 1.

    pfSsh.php playback svc status captiveportal cpzone
    
    Starting the pfSense shell system...............
    
    Attempting to issue status to captiveportal service...
    
    

    Example 2.

    pfSsh.php playback svc status squid
    
    Starting the pfSense shell system...............
    
    Attempting to issue status to squid service...
    
    

    My pfSenses are 2.1.5 and the services are up.
    I tried to shutdown a service but the answer is the same.
    The script always exit with error code 0 (echo $?).

    Any idea?



  • I've found that there is no "status" action in /etc/phpshellsessions/svc
    Github shows that it has been introduced in 2.2 beta.

    Looks like I will have to wait for us to upgrade to 2.2 or do a ugly patch to svc (it should work I think)…

    Thank you for showing me the right file.


  • Rebel Alliance Developer Netgate

    Yes, the status action only works on 2.2.

    You could take /etc/phpshellsessions/svc from a 2.2 box and use it on 2.1.5 though, the only changes were in that one file and I believe all the necessary supporting functions were there as well. Worth a shot.



  • Yes but i'm afraid it could break something for the next upgrade to 2.2.


  • Rebel Alliance Developer Netgate

    overwriting that one file won't hurt anything.



  • OK thank you



  • I have setup those checks with Nagios and NRPE.

    If it can help someone :

    • Install NRPE via System>Packages
    • Download the zipfile (http://www.filedropper.com/checkpfsvc). It contains 2 files : "check_pfsvc" which is the nagios plugin used by nrpe to do the services check and "svc" which is a pfSense 2.2 version of the file /etc/phpshellsessions/svc
    • Transfer "check_pfsvc" in /usr/pbi/nrpe-amd64/libexec/nagios (it should be another location for 32b installations) and do a chmod 555 on it ; chown it to root and set the group to wheel
    • If your pfSense version is <2.2 backup your /etc/phpshellsessions/svc and replace with the file provided in the archive

    After that configure NRPE as you need. See nrpev2.png to see how i've configured it.




  • Hello,

    I'm back because I've upgraded to latest pfsense release and my script does not work through NRPE but it works from root account through SSH.
    I've tried to port it to sh script but it does not work. The error I catch from the nrpe launch of my script is /usr/pbi/nrpe-amd64/local/libexec/nagios/check_pfsvc: /usr/local/sbin/pfSsh.php: not found

    Does someone has an idea why it does not work anymore?



  • No idea? I think it's a modification on rights or in the nrpe plugin but I can't find it.



  • @rct:

    I have setup those checks with Nagios and NRPE.

    If it can help someone :

    • Install NRPE via System>Packages
    • Download the zipfile (http://www.filedropper.com/checkpfsvc). It contains 2 files : "check_pfsvc" which is the nagios plugin used by nrpe to do the services check and "svc" which is a pfSense 2.2 version of the file /etc/phpshellsessions/svc
    • Transfer "check_pfsvc" in /usr/pbi/nrpe-amd64/libexec/nagios (it should be another location for 32b installations) and do a chmod 555 on it ; chown it to root and set the group to wheel
    • If your pfSense version is <2.2 backup your /etc/phpshellsessions/svc and replace with the file provided in the archive

    After that configure NRPE as you need. See nrpev2.png to see how i've configured it.

    I can't download the zipfile =(

    that link redirects me to filedropper.com



  • It doesn't work anymore on pfSense 2.2.x and I can't find why. Sorry.



  • No problem, i need it for a pfSense 2.1-RELEASE

    BTW: Anyone knows this package? https://exchange.nagios.org/directory/Plugins/Software/check_squid/details

    check_squid

    teorically it must be installed on Nagios Server (in my case, is a Ubuntu 14.04)

    idk if this works properly because i can't run it. It says

    Can't locate Nagios/Plugin.pm in @INC (you may need to install the Nagios::Plugin module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .)Can't locate Nagios/Plugin.pm in @INC (you may need to install the Nagios::Plugin module) (@INC contains: /etc/perl /usr/local/lib/perl/5.18.2 /usr/local/share/perl/5.18.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.18 /usr/share/perl/5.18 /usr/local/lib/site_perl .)

    I know this isn't a Nagios forum, but just for share the experience



  • You can find the file attached to this message.

    check_pfsvc.zip



  • @rct:

    You can find the file attached to this message.

    thanks, [hippie] i love you [/hippie]



  • For your Nagios issue I think you miss the perl lib that has been written as a "template" for creating nagios plugins (https://exchange.nagios.org/directory/Plugins/*-Plugin-Development-Tools/Nagios-3A-3APlugin/details).



  • @rct:

    For your Nagios issue I think you miss the perl lib that has been written as a "template" for creating nagios plugins (https://exchange.nagios.org/directory/Plugins/*-Plugin-Development-Tools/Nagios-3A-3APlugin/details).

    i guess i need some more dependencies because when i run perl Makefile.PL this is what it shows:

    Warning: prerequisite Config::Tiny 0 not found.
    Warning: prerequisite Math::Calc::Units 0 not found.
    Warning: prerequisite Params::Validate 0 not found.
    Writing Makefile for Nagios::Plugin
    Writing MYMETA.yml and MYMETA.json
    
    

    i'll take a look to your file and follow your instructions to check squid & squidguard status for my pfsense

    Thank you for your attention



  • No problem! I hope it'll do the trick for you :)



  • i've done all the configurations on pfsense side

    now i'm on my Nagios Server and i don't know how to add this checks on my status monitor

    here's my 'pfsense22.cg" file

    
    # A simple configuration file for monitoring the local host
    # This can serve as an example for configuring other servers;
    # Custom services specific to this host are added here, but services
    # defined in nagios2-common_services.cfg may also apply.
    # 
    
    define host{
            use                     generic-host            ; Name of host template to use
            host_name               pfsense22
            alias                   virtualprana
            address                 10.0.0.22
            }
    
    # Define a service to check the disk space of the root partition
    # on the local machine.  Warning if < 20% free, critical if
    # < 10% free space on partition.
    
    define service{
            use                             generic-service         ; Name of service template to use
            host_name                       pfsense22
            service_description             Disk Space
            check_command                   check_all_disks!20%!10%
            }
    
    # Define a service to check the number of currently logged in
    # users on the local machine.  Warning if > 20 users, critical
    # if > 50 users.
    
    define service{
            use                             generic-service         ; Name of service template to use
            host_name                       pfsense22
            service_description             Current Users
            check_command                   check_users!20!50
            }
    
    # Define a service to check the number of currently running procs
    # on the local machine.  Warning if > 250 processes, critical if
    # > 400 processes.
    
    define service{
            use                             generic-service         ; Name of service template to use
            host_name                       pfsense22
            service_description             Total Processes
    		check_command                   check_procs!250!400
    	}
    
    # Define a service to check the load on the local machine. 
    
    define service{
            use                             generic-service         ; Name of service template to use
            host_name                       pfsense22
            service_description             Current Load
    		check_command                   check_load!5.0!4.0!3.0!10.0!6.0!4.0
            }
    
    define service{
    	use				generic-service
    	host_name			pfsense22
    	service_description		Current Load
    		check_command		check_nrpe
    }
    
    # Define a service to check squid status
    
    


  • You can add the following to your file according you have setup a command named "check_squid_svc" in the NRPE package.

    define service {
            use                            generic-service
            host_name                      pfsense22
            service_description            Squid service
            check_command                  check_nrpe!check_squid_svc
    }



  • thanks!

    it shows me an UNKNOWN state

    details:

    
    Current Status:	
      UNKNOWN  
     (for 0d 0h 25m 45s)
    Status Information:	(No output returned from plugin)
    NRPE Plugin for Nagios
    Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
    Version: 2.15
    Last Modified: 09-06-2013
    License: GPL v2 with exemptions (-l for more info)
    SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
    \nUsage: check_nrpe -H <host>[ -b <bindaddr>] [-4] [-6] [-n] [-u] [-p <port>] [-t <timeout>] [-c <command></command>] [-a <arglist...>]
    \nOptions:
    -h = Print this short help.
    -l = Print licensing information.
    -n = Do no use SSL
    -u = Make socket timeouts return an UNKNOWN state instead of CRITICAL
     <host>= The address of the host running the NRPE daemon
     <bindaddr>= bind to local address
    -4 = user ipv4 only
    -6 = user ipv6 only
    [port] = The port on which the daemon is running (default=5666)
    [timeout] = Number of seconds before connection times out (default=10)
    [command] = The name of the command that the remote daemon should run
    [arglist] = Optional arguments that should be passed to the command. Multiple
    arguments should be separated by a space. If provided, this must be
    the last option supplied on the command line.
    \nNote:
    This plugin requires that you have the NRPE daemon running on the remote host.
    You must also have configured the daemon to associate a specific plugin command
    with the [command] option you are specifying here. Upon receipt of the
    [command] argument, the NRPE daemon will run the appropriate plugin command and
    send the plugin output and return code back to *this* plugin. This allows you
    to execute plugins on remote hosts and 'fake' the results to make Nagios think
    the plugin is being run locally.
    \n
    Performance Data:	
    Current Attempt:	4/4  (HARD state)
    Last Check Time:	2015-06-18 12:50:08
    Check Type:	ACTIVE
    Check Latency / Duration:	0.085 / 0.005 seconds
    Next Scheduled Check:  	2015-06-18 12:55:08
    Last State Change:	2015-06-18 12:27:08
    Last Notification:	2015-06-18 12:30:13 (notification 1)
    Is This Service Flapping?	
      NO  
     (5.72% state change)
    In Scheduled Downtime?	
      NO  
    Last Update:	2015-06-18 12:52:53  ( 0d 0h 0m 0s ago)
    Active Checks:	
      ENABLED  
    Passive Checks:	
      ENABLED  
    Obsessing:	
      ENABLED  
    Notifications:	
      ENABLED  
    Event Handler:	
      ENABLED  
    Flap Detection:	
      ENABLED</bindaddr></host></arglist...></timeout></port></bindaddr></host> 
    


  • NOW IS WORKING

    TY V M

    I'll nat some ports from some clients now.

    Thanks for all, again



  • Ok glad it works for you  :)



  • Hi,

    I'm trying to use your script on my pfsense 2.2.6.
    In shell, it's working.
    in nrpe, my remote server give me : Could not read output.
    Another check on the pfsense using nrpe (check_load, …) are working as fine.

    Any suggestions to fix this issue ?

    Thanks,
    Yannick



  • No sorry I've had the same problem when I have upgraded my pfSense and I haven't found a way to resolve this issue. :(



  • a short test with a bash script works as fine.
    so it seems that the nagios account use by nrpe don't have rights to execute the php interpreter (/usr/local/bin/php).



  • I agree it seems to be a security constraint somewhere but I don't know Freebsd and I haven't found why…

    If you try to launch
    su -m nagios -c "/usr/pbi/nrpe-amd64/libexec/nagios/check_pfsvc squid"
    it will work.

    But if you launch it throught the nrpe daemon it won't work.
    If edit the file to write dumb content (echo 'ok'; exit(0);) it will work.

    From my tests it's the call to '/usr/local/sbin/pfSsh.php' that is blocked.

    I've tried to launch /usr/local/sbin/pfSsh.php via a shell script configured as a nrpe command and it returns the error code 127 (http://tldp.org/LDP/abs/html/exitcodes.html ?).

    I don't know how to debug further...



  • Yes, I have rewrite the script in shell and I have an error about "/usr/local/sbin/pfSsh.php not found".
    so the user nagios has no sufficent right to invoke this command.



  • If you call your script
    sudo -m nagios -c "/path/to/your/script"
    I think it will work so it's more like if the nrpe service has not access to this file (may be it is jailed or there something else).



  • I think nagios account is jailed.