AW: Nagios plugin to copy large text files

Mohr James james.mohr at elaxy.com
Fri Sep 16 18:57:09 CEST 2005
Previous message: Nagios plugin to copy large text files
Next message: Nagios plugin to copy large text files
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Marc,

I fully understand what the intent of NRPE is. Nagios and NRPE are open source tools with their roots in the UNIX tradition that one can often use a tool to do things other than which is was intented. Often times people who have worked with a product for a long time in real-world environments are able to get programs to do things even the developer didn't know the product could do. (My brother told me a story where he once showed Stephan Bourne something with the Bourne-Shell that Bourne himself said couldn't be done). So, for me, the fact that "NRPE isn't designed to copy files between hosts" is not the issue. (see Gene Kranz in "Apollo 13": "I am not interested in what it was designed to do. I want to know what it can do." "If it lights, it lights. I am not going to hold you personally responsible if it doesn't".) ;-)

We are currently using HP OpenView, which allows the executed script/programm to send several kilobytes of data. OpenView also has an additional mechansism which enables us to send megabytes of data. (<horn tooting>I have implemented this in a way that OpenView was "not designed to do", to the surprise of HP support. Pushing programs beyond what they are designed to do in order to accomplish the task at hand makes the difference between a good system administrator and an operator. </horn tooting>) 

We are in the process of moving to Nagios. Many of script that we currently execute via OpenView havae output many times what nrpe can send. In some cases we can cut he output to something that can fit into the 350 character limitation. 

We still have many scripts that deliver more information than the 350 characters. In these cases, it is not sufficient to have a messages that say "The system has a problem". We need *all* of the information. In those cases where the information we need from the application is greater than 350 characters, the only solution we currently have it to execute the command locally. 

Since we work in a high security environment, we have to go through at least two additional machines before we get to the machine reporting the problem. Since the information we need to collect is something that we have to pass to our customers, we would need to first connect through the various machines, execute the command and the write down the command output by hand. We cannot cut and paste the text because we are going through the Windows Terminal Server Client. 

Remote syslog is a possibility and has been investigated. However, the maximum line length is also below the limit that we need so we would have to send individual lines to syslog. Perhaps someone knows a way of sending several KB at once to avoid the possibility that messages are intertwined. Still, syslog isn't designed to copy files between hosts. ;-)

scp, ftp, rsync, ftp, wget and CFEngine are not a viable solution for security reasons. Basically, we are not allowed to open ports through the various firewalls without permission from the customer. Several are online brokers that are obviously very security conscious. It is extremely unlikely that all of the would allow us to open additional ports *and* install the necessary applications. Since you can start only the applications that are configured in nrpe.cfg, this is an acceptable risk as the bank auditors that check the brokers servers (which we manage) can instantly identify which applications could be run on the remote system. 

Even if we got ftp or any of the other applications authorized for every single customer, we have the additional problem of relating the currently executed script to a specific file that we get via ftp. When we see a problem on a remote machine, we are using calling check_nrpe from a web application to execute a specific command on that machine (probably something for which check_nrpe was not designed.) 

One possible technically possible alternative would be to follow the same path in reverse. Rsync/ftp, etc copied to one machine, then that machine copies it to a second, then that machine copies it to a third and so on. This solution is not acceptable to my boss because of the number of machines involved and the complexity necessary to relate the data/file transfered to the application that the operator just started. 

We have also investigated the possibility of creating our own client-server application using perl. The only purpose would be to retrieve files from specific directories. This has a greater chance of getting approved because of the limitations we could froce on the program and auditors would be able to see the limitation for themselves.

Using nrpe, we would not need to open any additional ports, as the ports has already been approved. It also allows us to restrict which applications are executed. It would also not require any additional programming on our part and there is a direct connection between the Nagios server and the client machine without any intermediaries.

Regards,

Jim Mohr

>> -----Ursprüngliche Nachricht-----
>> Von: nagios-users-admin at lists.sourceforge.net 
>> [mailto:nagios-users-admin at lists.sourceforge.net] Im Auftrag 
>> von Marc Powell
>> Gesendet: Mittwoch, 14. September 2005 23:14
>> An: Nagios-users at lists.sourceforge.net
>> Betreff: RE: [Nagios-users] Nagios plugin to copy large text files
>> 
>> 
>> 
>> > -----Original Message-----
>> > From: nagios-users-admin at lists.sourceforge.net 
>> [mailto:nagios-users- 
>> > admin at lists.sourceforge.net] On Behalf Of Mohr James
>> > Sent: Wednesday, September 14, 2005 3:16 PM
>> > To: Nagios-users at lists.sourceforge.net
>> > Subject: [Nagios-users] Nagios plugin to copy large text files
>> > 
>> > Hi All!
>> > 
>> > I was wondering if there was a Nagios plug-in that was 
>> able to "copy"
>> > large block of text from the agent to the server. This is 
>> related to
>> the
>> > "NRPE Character limitation" post I made, but I was thinking of a 
>> > alternate solution. All we are really interested in is 
>> getting text 
>> > files (i.e. /var/log/messages) from the clients to the server. For 
>> > various reasons, rsync, ftp, and so forth are out of
>> the
>> > question, so we need a different solution. The first 
>> thought was nrpe, 
>> > but we have the problem of being able to only send 350 
>> characters. If 
>> > there is no plug-in, does someone have any ideas or 
>> suggestions how we 
>> > can solve this problem? Any and all help is greatly appreciated.
>> 
>> Nagios is not a file management application. NRPE isn't 
>> designed to copy files between hosts. Both are designed 
>> solely to execute plugins that return one line of text and 
>> exit with the proper exit code. Instead of framing your 
>> problem to us only as solutions you think might work, why 
>> don't you try to explain what you're trying to accomplish in 
>> more detail. Something like 'I am trying to use nagios to
>> check|detect|verify|other specific words|phrases|problems in specific
>> logs|files|other on localhost|other hosts that I can reach by
>> ssh|snmp|nrpe|other.' The more detail the better. That way, 
>> none of us
>> are constrained by preconceptions. If your final intent is 
>> to simply copy log files from one host to another as you 
>> state, nagios is not the solution. Remote syslog, scp, 
>> rsync, ftp, wget and possibly CFEngine are better suited to 
>> that task.
>> 
>> --
>> Marc
>> 
>> 
>> -------------------------------------------------------
>> SF.Net email is sponsored by:
>> Tame your development challenges with Apache's Geronimo App Server. 
>> Download it for free - -and be entered to win a 42" plasma 
>> tv or your very own Sony(tm)PSP.  Click here to play: 
>> http://sourceforge.net/geronimo.php
>> _______________________________________________
>> Nagios-users mailing list
>> Nagios-users at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>> ::: Please include Nagios version, plugin version (-v) and 
>> OS when reporting any issue. 
>> ::: Messages without supporting info will risk being sent to 
>> /dev/null
>> 


-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. 
Download it for free - -and be entered to win a 42" plasma tv or your very
own Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: Nagios plugin to copy large text files
Next message: Nagios plugin to copy large text files
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list