how can an NRPE script know the remote server's IP?

Morty morty+nagios at frakir.org
Mon Apr 30 21:31:31 CEST 2012


On Sat, Apr 28, 2012 at 01:23:58PM +0100, RichTea wrote:

> dont_blame_nrpe isnt that big a security issue if you trust your
> Nagios servers security and restrict whos allowed to run nrpe
> commands.  You could then pass in a custom macro from Nagios.

dont_blame_nrpe requires me to trust the nagios servers and to trust
the network.  I prefer to minimize trust.

> if you use the _exact_ same config on each Nagios server you can probably
> use a custom macro in the service's command definition.

Sure enough.  Thanks!

I was even able to define a USERn variable as `hostname`, so the two
servers can share identical configs.  The way this works is that the
nrpe.cfg has two entries:

command[check_foo_server1]=/usr/local/bin/mycommand -v /var/mycommand/server1
command[check_foo_server2]=/usr/local/bin/mycommand -v /var/mycommand/server2

USER6 is definied like so:

USER6=`hostname`

And the command like so:

check_command         check_nrpe!check_foo_$USER6$

- Morty

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list