Passive checks with NSCA
Colin A. White
colin at trematon.com
Thu Dec 4 19:02:24 CET 2003
Thanks for this check.
It seems my object file definitions pass the preflight check and nagios
starts up happily...
However, when I try run from the debian device :
> send_nsca -H nagios.host.com -c send_nsca.cfg
I get :
> Error: Server closed connection before init packet was received
> Error: Could not read init packet from server
I've had my firewall admin open tcp-5667 to the nagios host. Should
this have been udp-5667 ??
Any suggestions on how to pursue this cryptic error msg?
Thks
Marc Powell wrote:
>
>
>>-----Original Message-----
>>From: Colin A. White [mailto:colin at trematon.com]
>>Sent: Thursday, December 04, 2003 10:55 AM
>>To: 'nagios-users at lists.sourceforge.net'
>>Subject: [Nagios-users] Passive checks with NSCA
>>
>>Greetings all,
>>
>>I was wondering if anyone could give me a quick sanity check before I
>>dive in and break my Nagios install...
>>
>>I'm hoping to deploy the nsca addon (and send_nsca) to passively
>>
>>
>monitor
>
>
>>two debian devices hanging off the end of a DSL line. i.e. the target
>>hosts have dynamic private IPs and do not have resolvable hostnames.
>>
>>
>I'm
>
>
>>aiming to log snmp traps only. Am I right to think this is a 'passive
>>check of a volatile service' in nagios-speak ?
>>
>>
>
>Yep.
>
>
>
>>I'm wondering now, how to correctly configure the object files for
>>
>>
>these
>
>
>>hosts and their passive services. I notice from the docs "that in
>>order to submit passive service checks to Nagios, a service must have
>>already been defined in the object configuration file" Is this
>>
>>
>proposed
>
>
>>service definition sane??
>>
>>define service{
>> host_name unknown
>> service_description TRAP
>> check_command check-host-alive
>> is_volatile 1
>> active_checks_enabled 0
>> passive_checks_enabled 1
>> check_period none
>> max_check_attempts 1
>> normal_check_interval 1
>> retry_check_interval 1
>> notifications_enabled 1
>> notification_interval 31536000
>> notification_period 24x7
>> notification_options w,u,c,r
>> contact_groups linux-admins
>> }
>>
>>
>
>You must define the service in Nagios so it knows that the passive check
>isn't bogus. I would use a more descriptive host_name above. Think of it
>as a label, not as a DNS name. The check_command is fine, it'll never
>get executed. For a cleaner web interface (without the big red 'X'),
>consider setting active_checks_enabled to 1 and leaving the check_period
>set to none. That's a personal preference however.
>
>
>
>>I'm also wondering how to handle the hosts.cfg definition which
>>
>>
>requires
>
>
>>an address param as a mandatory field...?? It's this 'gotcha' that
>>
>>
>has
>
>
>>me most stumped. Am I able to use an arbitrary or fake IP and simply
>>use host_name matching to determin whether to accept and log the trap?
>>
>>
>
>You can use an arbitrary IP (127.0.0.1 for example). If you don't define
>a check_command in your host block, the IP will never be used ofr
>anything. Nagios uses the host_name (label) and service_description to
>make all internal associations and decide whether to accept or ignore
>the passive check.
>
>
>If you haven't read it,
>http://nagios.sourceforge.net/docs/1_0/int-snmptrap.html might be useful
>to you.
>
>--
>Marc
>
>
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive? Does it
help you create better code? SHARE THE LOVE, and help us help
YOU! Click Here: http://sourceforge.net/donate/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list