nsca passive monitoring of nagios

Keywords: vim yum network Linux

brief introduction

_Generally, we can basically achieve monitoring needs by using nagios active monitoring, but with the increase of the number of servers, nagios server will continue to use active monitoring will be overwhelming; in addition, when we need to use third-party data acquisition tools combined with nagios for alarm, we need to use passive monitoring.

Principle of passive monitoring

_Compared with the active mode in which the server actively polls the monitored machine to obtain monitoring data, the passive mode is to obtain monitoring data through plug-ins or scripts on the monitored machine, then send the data to the monitored machine through send_nsca, and finally the monitored machine receives and parses the data through Nsca and transmits it to Nagios. One of the great advantages of this method is to put all the other work except data processing on the monitored machine (including data transmission), so as to avoid the delay of monitoring response caused by too long polling time when the number of monitored machines is large, which is also the key for passive mode to take on a larger amount of monitoring.

_On the nagios client, using the plug-in provided by nagios-plugins, we get the monitoring data, then save the data as a file, use input redirection, and send the data to the nagios server through send_nsca. The nagios server runs a daemon of NSCA (port 5667 is opened by default) to receive the data, then does a simple process (corresponds to the service file of nagios, excludes the redundant monitoring data), then converts the data format and sends it to the "external command file" of Nagios (default configuration is "/usr/local/nagios/var/rw/nagios.cmd). ” Defined in nagios.cfg).
This file is a pipeline file and also an interface of nagios main program (used to receive monitoring data). When cat is used to view this file, the data format processed by nsca will come out. Then the main program of nagios processes the data and displays it in the front desk, alarms and so on.

assembly

Nsca is installed on nagios server, which receives and parses monitoring data from nagios client and transmits it to nagios
Send_nsca is installed on nagios client to send monitoring data

To configure

IP hostname assembly
192.168.1.1 nagios server nsca
192.168.1.2 nagios client send_nsca

1. nagios server configuration

1. Installing nsca components

#Installation dependency
yum install libmcrypt
wget http://prdownloads.sourceforge.net/sourceforge/nagios/nsca-2.7.2.tar.gz
tar -zxvf nsca-2.7.2.tar.gz
./configure
make all
#Copy the executable of NSCA to the bin directory of Nagios
cp src/nsca /usr/local/nagios/bin/
# Copy the NSCA sample configuration file to the Nagios etc directory:
cp sample-config/nsca.cfg /usr/local/nagios/etc/
chmod 755 /usr/local/nagios/bin/nsca
chown nagios.nagios /usr/local/nagios/bin/nsca
chown nagios.nagios /usr/local/nagios/etc/nsca.cfg

2. Configure nsca.cfg

vim /usr/local/nagios/etc/nsca.cfg
server_address=192.168.1.1
#The debug option, the log option, writes message s
debug=1
#It can support more monitoring quantity. Suggestion to open
aggregate_writes=1
#Packet expiration time, default 30s, but considering network factors, it is recommended to set 60s
max_packet_age=60
nsca_user=nagios
nsca_group=nagios
#For send_nsca authentication with nagios client, no settings are allowed
password=naigos_test

3. Configure xinetd daemon startup

vim /etc/services
#Add the following lines
nsca            5667/tcp                # nsca
#Copy the startup file of NSCA to the relevant directory of xinetd, pay attention to the name and the corresponding above
cp sample-config/nsca.xinetd /etc/xinetd.d/nsca
vim /etc/xinetd.d/nsca
service nsca
{
        flags           = REUSE
        socket_type     = stream     
        wait            = no
        user            = nagios
        group           = nagios
        server          = /usr/local/nagios/bin/nsca
        server_args     = -c /usr/local/nagios/etc/nsca.cfg --inetd
        log_on_failure  += USERID
        disable         = no
        #Multiple monitored terminals can be added here
        only_from       = 127.0.0.1 192.168.1.2
}

#start-up
service xinetd reload

4. Configure nagios monitoring service items

vim /usr/local/nagios/etc/nagios.cfg
check_external_commands = 1 
#add template
vim /usr/local/nagios/objects/templates.cfg
define service{
        name                            passive_service
        use                             generic-service
        max_check_attempts              3   
        normal_check_interval           5
        #Disable active detection  
        active_checks_enabled           0 
        #Start passive detection  
        passive_checks_enabled          1   
        retry_check_interval            1   
        register                        0   
    } 
#Add monitor host
define host{
    use         linux-server
    host_name   nagios-client
    alias       passive-2
    address     192.168.1.2
}
#Add monitoring commands
vim /usr/local/nagios/objects/commands.cfg
define command{
    command_name    check_dummy
    command_line    /usr/local/nagios/libexec/check_dummy $ARG1$
}
#Adding monitoring tasks
define service{
        use                             passive_service
        host_name                       nagios-client
        service_description             CheckDummy
        check_command                   check_dummy!0
        notifications_enabled           1   
    }

The check_dummy command states:
check_dummy can only handle four parameters (0, 1, 2, and other numbers), and four parameters can represent four states.

[root@nagios etc]# /usr/local/nagios/libexec/check_dummy 0
OK
[root@nagios etc]# /usr/local/nagios/libexec/check_dummy 1
WARNING
[root@nagios etc]# /usr/local/nagios/libexec/check_dummy 2
CRITICAL
[root@nagios etc]# /usr/local/nagios/libexec/check_dummy 3
UNKNOWN

5.nagios server startup

nagioscheck
service nagios reload

2. nagios client configuration

1. Install send_nsca components

#Installation dependency
yum install libmcrypt
wget http://prdownloads.sourceforge.net/sourceforge/nagios/nsca-2.7.2.tar.gz
tar -zxvf nsca-2.7.2.tar.gz
./configure
make all
#Copy the executable of send_nsca to the bin directory of Nagios
cp src/send_nsca /usr/local/nagios/bin/
# Copy the send_nsca sample configuration file to the etc directory of Nagios:
cp sample-config/send_nsca.cfg /usr/local/nagios/etc/
chmod 755 /usr/local/nagios/bin/send_nsca
chown nagios.nagios /usr/local/nagios/bin/send_nsca
chown nagios.nagios /usr/local/nagios/etc/send_nsca.cfg

2. Configure send_nsca.cfg

vim /usr/local/nagios/etc/send_nsca.cfg
#If nsca does not configure authentication, it may not
password=nagios_test

Three, test

1.nagios client sends monitoring data

[root@client etc]echo "192.168.1.2;CheckDummy;0;hello passive service"|/usr/local/nagios/bin/send_nsca -H 192.168.1.1 -d ";" -c /usr/local/nagios/etc/send_nsca.cfg
1 data packet(s) sent to host successfully.

or

cat pasv.txt
192.168.1.2;CheckDummy;0;hello passive service

/usr/local/nagios/bin/send_nsca -H 192.168.1.1 -d ";" -c /usr/local/nagios/etc/send_nsca.cfg < pasv.txt

Among them:
- H 192.168.1.1 is the address of nagios server
- d ";" is the separator for pipeline transmission data, defaulting to "tab" separator
- C send_nsca.cfg is the configuration file path

"192.168.1.2; Check Dummy; 0; Hello passive service" is pipeline data:
192.168.1.2 is the address of nagios server
CheckDummy is the "service_description CheckDummy" of the service monitoring item configured in the nagios server side
0 is alarm status
hello passive service is an alarm message

2.nagios server side display

The above process: the nagios client transmits data to send_nsca program through pipeline, and send nsca sends data to NSCA service of nagios server. The data sent to send_nsca

Posted by prasanthmj on Mon, 22 Apr 2019 01:33:35 -0700

Hot Keywords

©2024 Programmer Group