Passive checks with NSCA
Colin A. White
colin at trematon.com
Thu Dec 4 19:38:48 CET 2003
Thanks for the feedback, but this was the crux of my original question
- the remote host I'm trying to monitor (running send_nsca) has a
dynamic private IP... and hence an unresolvable hostname.
By commenting out this allowed_hosts in ncsa.cfg on the nagios host, am
I effectively allowing any/all hosts to submit passive checks? Or no
hosts at all?
Thks
Colin
DTerrell at Delphi-Tech.com wrote:
>You need to set the nsca.cfg to allow the client IP addresses on the machine
>your sending the passive check to.
>
>nsca.cfg
>...
>allowed_hosts=127.0.0.1,xxx.xxx.xxx.xxx
>...
>
>
>
>
>>________________________
>>David A. Terrell
>>MIS Engineer, RHCE, A+
>>Delphi Technology, Inc.
>>Cambridge, MA 02139
>>617-494-8361 x2024
>>
>>
>>
>>
>
>
>-----Original Message-----
>From: Colin A. White [mailto:colin at trematon.com]
>Sent: Thursday, December 04, 2003 1:02 PM
>To: nagios-users at lists.sourceforge.net
>Subject: Re: [Nagios-users] Passive checks with NSCA
>
>
>Thanks for this check.
>
>It seems my object file definitions pass the preflight check and nagios
>starts up happily...
>
>However, when I try run from the debian device :
> > send_nsca -H nagios.host.com -c send_nsca.cfg
>
>I get :
>
>
>
>>Error: Server closed connection before init packet was received
>>Error: Could not read init packet from server
>>
>>
>
>I've had my firewall admin open tcp-5667 to the nagios host. Should
>this have been udp-5667 ??
>Any suggestions on how to pursue this cryptic error msg?
>
>Thks
>
>Marc Powell wrote:
>
>
>
>>
>>
>>
>>
>>>-----Original Message-----
>>>From: Colin A. White [mailto:colin at trematon.com]
>>>Sent: Thursday, December 04, 2003 10:55 AM
>>>To: 'nagios-users at lists.sourceforge.net'
>>>Subject: [Nagios-users] Passive checks with NSCA
>>>
>>>Greetings all,
>>>
>>>I was wondering if anyone could give me a quick sanity check before I
>>>dive in and break my Nagios install...
>>>
>>>I'm hoping to deploy the nsca addon (and send_nsca) to passively
>>>
>>>
>>>
>>>
>>monitor
>>
>>
>>
>>
>>>two debian devices hanging off the end of a DSL line. i.e. the target
>>>hosts have dynamic private IPs and do not have resolvable hostnames.
>>>
>>>
>>>
>>>
>>I'm
>>
>>
>>
>>
>>>aiming to log snmp traps only. Am I right to think this is a 'passive
>>>check of a volatile service' in nagios-speak ?
>>>
>>>
>>>
>>>
>>Yep.
>>
>>
>>
>>
>>
>>>I'm wondering now, how to correctly configure the object files for
>>>
>>>
>>>
>>>
>>these
>>
>>
>>
>>
>>>hosts and their passive services. I notice from the docs "that in
>>>order to submit passive service checks to Nagios, a service must have
>>>already been defined in the object configuration file" Is this
>>>
>>>
>>>
>>>
>>proposed
>>
>>
>>
>>
>>>service definition sane??
>>>
>>>define service{
>>> host_name unknown
>>> service_description TRAP
>>> check_command check-host-alive
>>> is_volatile 1
>>> active_checks_enabled 0
>>> passive_checks_enabled 1
>>> check_period none
>>> max_check_attempts 1
>>> normal_check_interval 1
>>> retry_check_interval 1
>>> notifications_enabled 1
>>> notification_interval 31536000
>>> notification_period 24x7
>>> notification_options w,u,c,r
>>> contact_groups linux-admins
>>> }
>>>
>>>
>>>
>>>
>>You must define the service in Nagios so it knows that the passive check
>>isn't bogus. I would use a more descriptive host_name above. Think of it
>>as a label, not as a DNS name. The check_command is fine, it'll never
>>get executed. For a cleaner web interface (without the big red 'X'),
>>consider setting active_checks_enabled to 1 and leaving the check_period
>>set to none. That's a personal preference however.
>>
>>
>>
>>
>>
>>>I'm also wondering how to handle the hosts.cfg definition which
>>>
>>>
>>>
>>>
>>requires
>>
>>
>>
>>
>>>an address param as a mandatory field...?? It's this 'gotcha' that
>>>
>>>
>>>
>>>
>>has
>>
>>
>>
>>
>>>me most stumped. Am I able to use an arbitrary or fake IP and simply
>>>use host_name matching to determin whether to accept and log the trap?
>>>
>>>
>>>
>>>
>>You can use an arbitrary IP (127.0.0.1 for example). If you don't define
>>a check_command in your host block, the IP will never be used ofr
>>anything. Nagios uses the host_name (label) and service_description to
>>make all internal associations and decide whether to accept or ignore
>>the passive check.
>>
>>
>>If you haven't read it,
>>http://nagios.sourceforge.net/docs/1_0/int-snmptrap.html might be useful
>>to you.
>>
>>--
>>Marc
>>
>>
>>
>>
>
>
>
>
>
>
>-------------------------------------------------------
>This SF.net email is sponsored by: SF.net Giveback Program.
>Does SourceForge.net help you be more productive? Does it
>help you create better code? SHARE THE LOVE, and help us help
>YOU! Click Here: http://sourceforge.net/donate/
>_______________________________________________
>Nagios-users mailing list
>Nagios-users at lists.sourceforge.net
>https://lists.sourceforge.net/lists/listinfo/nagios-users
>::: Please include Nagios version, plugin version (-v) and OS when reporting
>any issue.
>::: Messages without supporting info will risk being sent to /dev/null
>
>
--
Colin A. White SCSA, SCNA
Executive Officer
Trematon UK Ltd
T +44 (0)7973 198931
IM 49636683
www.trematon.com
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive? Does it
help you create better code? SHARE THE LOVE, and help us help
YOU! Click Here: http://sourceforge.net/donate/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list