nsclient++ configuration, i am lost

Shawn Kovalchick bamapookie at gmail.com
Sun Apr 23 18:35:02 CEST 2006


Ok.  I can answer more thoroughly when I get to work Monday and can look at
my config files there, but this may help for now...

First, unless you have a specific need for it, I would disallow "nasty
metacharacters."  They can, indeed, be nasty. :)
Second, for the space in "Program Files", put quotes around the entire path
and filename.  I believe you should use doublequotes, but I'm not sure.  I
will check this on Monday.
Try:
../libexec/check_nrpe -H catorsv03 -c check_exchangeDB -a MaxWarn=15G
MaxCrit=16G File="d:\Program Files\Exchsrvr\MDBDATA\priv1.stm"
File="d:\Program Files\Exchsrvr\MDBDATA\priv1.edb"

Third, you should probably comment out everything in the NSClient section of
the config file unless you are using check_nt.

Again, I'll post more tomorrow after trying a few things myself in my test
environment at work.

Shawn Kovalchick
On 4/22/06, Toto Capuccino <shoktai at gmail.com> wrote:
>
> Hi Shawn,
>
> On the first hand i get errors related to ncsclient itself :
>
> The error on the monitored host is :
> Event Source:    NRPE_NT
> Description:
> NRPE_NT:  Error: Request contained illegal metachars!
>
> The error on NSC.log is 2006-04-22 12:35:59:
> error:../../include\Socket.h:443: bind failed: 10048
>
> When i look to netstat i get (i kept the most relevant lines):
>   TCP    0.0.0.0:5666            0.0.0.0:0              LISTENING
> 6896
>  [NRPE_NT.exe]
> TCP    0.0.0.0:12489          0.0.0.0:0              LISTENING       14168
>
>   [NSClient++.exe]
>   TCP    0.0.0.0:1248           0.0.0.0:0              LISTENING
> 1052
>   [pNSClient.exe]
>
> So i have NRPE_NT and nsclient (not ++) installed, is there's a conflict
> with nsclient++ ?
>
>
> On the second hand i get errors related to the check_command:
>
> The error on the monitored host is :
> Event Source:    NRPE_NT
> Description:
> NRPE_NT:  Error: Request contained illegal metachars!
>
> When i try nsclient++ /test, the first error i notice is that it doesnt
> handle the space in the path of the files ( Program Files) -->
> File=d:\Program
>
> Files\Exchsrvr\MDBDATA\priv1
> >
> > .stm File=d:\Program
> > Files\Exchsrvr\MDBDATA\priv1.edb
>
>
> I tried both 'Program Files' and "Program Files" but it doesnt work.
>
> From the command line on the nagios server i try like this :
>  ../libexec/check_nrpe -H catorsv03 -c check_exchangeDB -a MaxWarn=15G
> MaxCrit=16G File=d:\'Program Files'\Exchsrvr\MDBDATA\priv1.stm
> File=d:\'Program Files'\Exchsrvr\MDBDATA\priv1.edb'
> CHECK_NRPE: Received 0 bytes from daemon.  Check the remote server logs
> for error messages.
>
> Here is the NSC.ini file :
> [modules]
> ;# NSCLIENT++ MODULES
> ;# A list with DLLs to load at startup.
> ;  You will need to enable some of these for NSClient++ to work.
> ; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
> ; *                                                               *
> ; * N O T I C E ! ! ! - Y O U   H A V E   T O   E D I T   T H I S *
> ; *                                                               *
> ; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
> FileLogger.dll
> ;CheckSystem.dll
> CheckDisk.dll
> NSClientListener.dll
> NRPEListener.dll
> ;SysTray.dll
> ;CheckEventLog.dll
> ;CheckHelpers.dll
> ;
> ; CheckWMI IS AN EXTREM EARLY IDEA SO DONT USE FOR PRODUCTION
> ENVIROMNEMTS!
> ;CheckWMI.dll
> ;
> ; RemoteConfiguration IS AN EXTREM EARLY IDEA SO DONT USE FOR PRODUCTION
> ENVIROMNEMTS!
> ;RemoteConfiguration.dll
>
> [Settings]
> ;# OBFUSCATED PASSWORD
> ;  This is the same as the password option but here you can store the
> password in an obfuscated manner.
> ;  *NOTICE* obfuscation is *NOT* the same as encryption, someone with
> access to this file can still figure out the
> ;  password. Its just a bit harder to do it at first glance.
> ;obfuscated_password=Jw0KAUUdXlAAUwASDAAB
> ;
> ;# PASSWORD
> ;  This is the password (-s) that is required to access NSClient remotely.
> If you leave this blank everyone will be able to access the daemon remotly.
> ;password=martin
> ;
> ;# ALLOWED HOST ADDRESSES
> ;  This is a comma-delimited list of IP address of hosts that are allowed
> to talk to the all daemons.
> ;  If leave this blank anyone can access the deamon remotly (NSClient
> still requires a valid password).
> allowed_hosts=10.1.1.13
> ;
> ;# USE THIS FILE
> ;  Use the INI file as opposed to the registry if this is 0 and the
> use_reg in the registry is set to 1
> ;  the registry will be used instead.
> use_file=1
>
> [log]
> ;# LOG DEBUG
> ;  Set to 1 if you want debug message printed in the log file (debug
> messages are always printed to stdout when run with -test)
> debug=1
> ;
> ;# LOG FILE
> ;  The file to print log statements to
> file=c:\nsclient-plus-plus\NSC.log
> ;
> ;# LOG DATE MASK
> ;  The format to for the date/time part of the log entry written to file.
> ;date_mask=%Y-%m-%d %H:%M:%S
>
>
> [NSClient]
> ;# ALLOWED HOST ADDRESSES
> ;  This is a comma-delimited list of IP address of hosts that are allowed
> to talk to NSClient deamon.
> ;  If you leave this blank the global version will be used instead.
> allowed_hosts= 10.1.1.13
> ;
> ;# NSCLIENT PORT NUMBER
> ;  This is the port the NSClientListener.dll will listen to.
> port=12489
> ;
> ;# BIND TO ADDRESS
> ;  Allows you to bind server to a specific local address. This has to be a
> dotted ip adress not a hostname.
> ;  Leaving this blank will bind to all avalible IP adresses.
> ;bind_to_address=
>
>
> [Check System]
> ;# CPU BUFFER SIZE
> ;  Can be anything ranging from 1s (for 1 second) to 10w for 10 weeks.
> Notice that a larger buffer will waste memory
> ;  so don't use a larger buffer then you need (ie. the longest check you
> do +1).
> ;CPUBufferSize=1h
> ;
> ;# CHECK RESOLUTION
> ;  The resolution to check values (currently only CPU).
> ;  The value is entered in 1/10:th of a second and the default is 10
> (which means ones every second)
> ;CheckResolution=10
>
> [NRPE]
> ;# NRPE PORT NUMBER
> ;  This is the port the NRPEListener.dll will listen to.
> port=5666
> ;
> ;# COMMAND TIMEOUT
> ;  This specifies the maximum number of seconds that the NRPE daemon will
> allow plug-ins to finish executing before killing them off.
> ;command_timeout=60
> ;
> ;# COMMAND ARGUMENT PROCESSING
> ;  This option determines whether or not the NRPE daemon will allow
> clients to specify arguments to commands that are executed.
> allow_arguments=1
> ;
> ;# COMMAND ALLOW NASTY META CHARS
> ;  This option determines whether or not the NRPE daemon will allow
> clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
> allow_nasty_meta_chars=1
> ;
> ;# USE SSL SOCKET
> ;  This option controls if SSL should be used on the socket.
> ;use_ssl=1
> ;
> ;# BIND TO ADDRESS
> ;  Allows you to bind server to a specific local address. This has to be a
> dotted ip adress not a hostname.
> ;  Leaving this blank will bind to all avalible IP adresses.
> ; bind_to_address=
> ;
> ;# ALLOWED HOST ADDRESSES
> ;  This is a comma-delimited list of IP address of hosts that are allowed
> to talk to NRPE deamon.
> ;  If you leave this blank the global version will be used instead.
> ;allowed_hosts=
>
>
> [NRPE Handlers]
> check_exchangeDB=inject CheckFileSize MaxWarn=15G MaxCrit=16G
> File='d:\Program Files\Exchsrvr\MDBDATA\priv1.stm' File='d:\Program
> Files\Exchsrvr\MDBDATA\priv1.edb'
>
> ;# COMMAND DEFINITIONS
> ;# Command definitions that this daemon will run.
> ;# Can be either NRPE syntax:
> ;command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
> ;# Or simplified syntax:
> ;test=c:\test.bat foo $ARG1$ bar
> ;check_disk1=/usr/local/nagios/libexec/check_disk -w 5 -c 10
> ;# Or even loopback (inject) syntax (to run internal commands)
> ;# This is a way to run "NSClient" commands and other internal module
> commands such as check eventlog etc.
> ;check_cpu=inject checkCPU warn=80 crit=90 5 10 15
> ;check_eventlog=inject CheckEventLog Application
> warn.require.eventType=error warn.require.eventType=warning
> critical.require.eventType=error critical.exclude.eventType=infotruncate=1024 descriptions
> ;check_disk_c=inject CheckFileSize ShowAll MaxWarn=1024M MaxCrit=4096M
> File:WIN=c:\ATI\*.*
> ;# But be careful:
> ; dont_check=inject dont_check This will "loop forever" so be careful with
> the inject command...
> ;# Check some escapings...
> ; check_escape=inject CheckFileSize ShowAll MaxWarn=1024M MaxCrit=4096M
> "File: foo \" WIN=c:\\WINDOWS\\*.*"
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20060423/6f0380c7/attachment.html>


More information about the Users mailing list