NRPE Logging. Documentation?
Brian A. Seklecki
lavalamp at spiritual-machines.org
Wed Jan 2 17:28:48 CET 2008
On Wed, 2008-01-02 at 16:14 +0000, Hari Sekhon wrote:
> I want to log every nrpe call that is made including the command it ran,
> source, username the command is running as etc so I have a more full
> audit trail.
>
> I have googled and read http://nagios.sourceforge.net/docs/nrpe/NRPE.pdf
> but this seems very basic, for beginners really.
> There is only a brief mention of nrpe.cfg and how to added a remote check.
> What I
Set values:
debug=1 in nrpe.conf
As for logging, it logs to static facility hard-coded into the code
(which you cannot change during runtime -- this is a NFS/Bug issue).
Google: nagios+seklecki+nrpe+nsca+syslog
You can work around it by routing message to a custom destination in
syslog-ng(8) using a program{} filter.
~BAS
Here's an example output on a client system:
2008 Jan 2 13:59:50 +00:00 bdb00 [nrpe][13202] [daemon] [debug] nrpe[13202]: Connection from 192.168.x.x port 53479
2008 Jan 2 13:59:50 +00:00 bdb00 [nrpe][13202] [daemon] [debug] nrpe[13202]: Host address is in allowed_hosts
2008 Jan 2 13:59:50 +00:00 bdb00 [nrpe][13202] [daemon] [debug] nrpe[13202]: Handling the connection...
2008 Jan 2 13:59:50 +00:00 hostname [nrpe][13202] [daemon] [debug] nrpe[13202]: Host is asking for command 'check_bsdlabel' to be run...
2008 Jan 2 13:59:50 +00:00 hostname [nrpe][13202] [daemon] [debug] nrpe[13202]: Running command: /usr/local/bin/sudo /usr/local/libexec/nagios/check_file_age -w 175000 -c 350000 /var/backups/disklabel.mfid0s1.bak
2008 Jan 2 13:59:50 +00:00 hostname [nrpe][13202] [daemon] [debug] nrpe[13202]: Command completed with return code 0 and output: FILE_AGE OK: /var/backups/disklabel.mfid0s1.bak is 39527 seconds old and 496 bytes
2008 Jan 2 13:59:50 +00:00 hostname [nrpe][13202] [daemon] [debug] nrpe[13202]: Return Code: 0, Output: FILE_AGE OK: /var/backups/disklabel.mfid0s1.bak is 39527 seconds old and 496 bytes
2008 Jan 2 13:59:50 +00:00 hostname [nrpe][13202] [daemon] [debug] nrpe[13202]: Connection from 192.168.x.x closed.
> want is a complete nrpe.cfg reference, I found a site one but
> there was no mention of any logging facility, I suspect there is none.
> I was hoping that there was a config file parameter to activate some
> kind of logging but I cannot find anything like this.
>
> I am calling nrpe through xinetd to get host restrictions. Does anyone
> know of any workarounds or if I am just missing something?
>
> -h
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list