Configure NRPE/XINETD

Enter the following commands into your terminal session:

cd /tmp
wget https://assets.nagios.com/downloads/nagiosxi/agents/linux-nrpe-agent.tar.gz

After the file has downloaded, you will need to unzip the file

tar -xzf linux-nrpe-agent.tar.gz

Then enter the new directory.

cd linux-nrpe-agent

Inside the new directory, there will be a number of scripts and config files. You will need to run “fullinstall”

./fullinstall

This will automatically configure a few things for you

  • Modifying the distro’s package manager repositories
  • Installing prerequisite packages
  • Creating required users and groups
  • Defining services for xinetd
  • Compiling and installing the agent and plugins
  • Configuring the firewall • Configuring the agent

The script will stop to prompt you for the IP address(es). You will need to enter the following Ip addresses

  • Gateway IP
  • Switch IP
  • Nagios IP

Once done, you will return to a normal terminal session.

[root@syslog ~]# cd /etc/xinetd.d/
[root@syslog xinetd.d]# ls
chargen-dgram daytime-stream echo-dgram tcpmux-server
chargen-stream discard-dgram echo-stream time-dgram
daytime-dgram discard-stream nrpe time-stream
[root@syslog xinetd.d]#

Cat the following file.

[root@syslog xinetd.d]# cat nrpe

The following file should look like this, if you are outside of the 202 network please add the router and switch IP addresses to the allowed hosts.

# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
disabled = no
log_on_success += USERID
only_from = 127.0.0.1,x.x.x.x,x.x.x.x
}
[root@syslog xinetd.d]#

Once that has been fixed, please head to the following directory /var/run. There you should see the following config file xinetd.pid. make sure that file is there.

2017-11-21 12_05_14-root@syslog__var_run

Once you have verified that the file is there, proceed to the following directory  /usr/local/nagios/etc/

in this directory, you will find the nrpe.cfg file. Please be careful when editing this file.

If you are only adding monitoring for the following service then you can copy/paste this nrpe.cfg file https://halo.world-vu.net/wiki/display/IT/NRPE+%7C+nrpe.cfg

  • CPU stats,
  • Cron Scheduling Daemon
  • Load
  • Ping
  • Memory Usage
  • SSH Server
  • Users

You will need to make a few alterations to the file.

  1. # PID FILE
    # The name of the file in which the NRPE daemon should write it's process ID
    # number. The file is only written if the NRPE daemon is started by the root
    # user and is running in standalone mode.
    pid_file=/var/run/nrpe.pid

    Change to pid_file=/var/run/xinetd.pid

  2. # ALLOWED HOST ADDRESSES
    # This is an optional comma-delimited list of IP address or hostnames 
    # that are allowed to talk to the NRPE daemon.
    #
    # Note: The daemon only does rudimentary checking of the client's IP
    # address. I would highly recommend adding entries in your /etc/hosts.allow
    # file to allow only the specified host to connect to the port
    # you are running this daemon on.
    #
    # NOTE: This option is ignored if NRPE is running under either inetd or xinetd
    allowed_hosts=127.0.0.1,x.x.x.x

    You will need to add all routers/gateways & switches between the client and Nagios. All IP addresses need to be separated by a comma.

  3. The following files will need to be adjusted/tailored to your specifications

    # The following examples use hardcoded command arguments…

    #command[check_users]=/usr/local/nagios/libexec/check_users -w 3 -c 5
    #command[check_load]=/usr/local/nagios/libexec/check_load -w 90,85,80 -c 98,95,93
    #command[check_hda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/hda1
    #command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
    #command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
    # The following examples allow user-supplied arguments and can
    # only be used if the NRPE daemon was compiled with support for
    # command arguments *AND* the dont_blame_nrpe directive in this
    # config file is set to ‘1’. This poses a potential security risk, so
    # make sure you read the SECURITY file before doing this.

    #command[check_users]=/usr/local/nagios/libexec/check_users -w $ARG1$ -c $ARG2$
    #command[check_load]=/usr/local/nagios/libexec/check_load -w $ARG1$ -c $ARG2$
    #command[check_disk]=/usr/local/nagios/libexec/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
    #command[check_procs]=/usr/local/nagios/libexec/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$

Save and Exit VI.

Go back to where xinetd.pid is located.

cd /var/run/

you will need to change ownership of the file.

chown nagios:nagios xinetd.pid


[root@syslog run]# ls
abrt dmeventd-client lvmetad.pid ppp systemd
atd.pid dmeventd-server mdadm rpcbind tmpfiles.d
auditd.pid faillock mount rpcbind.sock tuned
chrony firewalld netreport sepermit udev
chronyd.pid initramfs net-snmp setrans user
console lock NetworkManager sshd.pid utmp
crond.pid log nrpe sudo xinetd.pid
cron.reboot lsm pcscd svnserve xtables.lock
dbus lvm plymouth syslogd.pid
[root@syslog run]# ^C
[root@syslog run]# ls -l
total 36
drwxr-xr-x 2 root root 100 Nov 20 10:02 abrt
-rw-r--r-- 1 root root 4 Nov 20 10:02 atd.pid
-rw-r--r-- 1 root root 4 Nov 20 10:02 auditd.pid
drwxr-x--- 2 chrony chrony 60 Nov 20 10:02 chrony
-rw-r--r-- 1 root root 5 Nov 20 10:02 chronyd.pid
drwxr-xr-x 2 root root 40 Nov 20 10:02 console
-rw-r--r-- 1 root root 4 Nov 20 10:02 crond.pid
---------- 1 root root 0 Nov 20 10:02 cron.reboot
drwxr-xr-x 2 root root 60 Nov 20 10:02 dbus
prw------- 1 root root 0 Nov 20 10:02 dmeventd-client
prw------- 1 root root 0 Nov 20 10:02 dmeventd-server
drwxr-xr-x 2 root root 40 Nov 20 10:02 faillock
drwxr-x--- 2 root root 40 Nov 20 11:02 firewalld
drwxr-xr-x 4 root root 120 Nov 20 10:02 initramfs
drwxr-xr-x 6 root root 140 Nov 21 03:28 lock
drwxr-xr-x 3 root root 60 Nov 20 10:02 log
drwxrwxr-x 3 root libstoragemgmt 60 Nov 20 10:02 lsm
drwx------ 2 root root 80 Nov 20 10:02 lvm
-rw-r--r-- 1 root root 4 Nov 20 10:02 lvmetad.pid
drwx--x--- 2 root root 40 Nov 20 10:02 mdadm
drwxr-xr-x 2 root root 60 Nov 20 10:02 mount
drwxrwxr-x 2 root root 40 Nov 20 10:02 netreport
drwxr-xr-x 2 root root 40 Nov 20 10:02 net-snmp
drwxr-xr-x 3 root root 80 Nov 20 10:02 NetworkManager
drwxr-xr-x 2 nagios nagios 40 Nov 20 11:33 nrpe
drwxr-xr-x 2 root root 60 Nov 20 10:02 pcscd
drwxr-xr-x 2 root root 40 Nov 20 10:02 plymouth
drwxr-xr-x 2 root root 40 Nov 20 10:02 ppp
drwx------ 2 rpc rpc 40 Nov 20 10:02 rpcbind
srw-rw-rw- 1 root root 0 Nov 20 10:02 rpcbind.sock
drwxr-xr-x 2 root root 40 Nov 20 10:02 sepermit
drwxr-xr-x 2 root root 40 Nov 20 10:02 setrans
-rw-r--r-- 1 root root 5 Nov 20 10:02 sshd.pid
drwx--x--x 3 root root 60 Nov 20 10:02 sudo
drwx------ 2 root root 40 Nov 20 10:02 svnserve
-rw------- 1 root root 3 Nov 20 10:02 syslogd.pid
drwxr-xr-x 18 root root 440 Nov 20 11:29 systemd
drwxr-xr-x 2 root root 60 Nov 20 10:02 tmpfiles.d
drwxr-xr-x 2 root root 60 Nov 20 10:02 tuned
drwxr-xr-x 7 root root 160 Nov 20 11:02 udev
drwxr-xr-x 3 root root 60 Nov 21 11:58 user
-rw-rw-r-- 1 root utmp 1920 Nov 21 11:38 utmp

-rw-r–r– 1 nagios nagios 5 Nov 20 11:33 xinetd.pid

-rw------- 1 root root 0 Nov 20 10:02 xtables.lock
[root@syslog run]#

Now that the file has been moved over to Nagios. go ahead and restart the services.

First, start with NRPE. Restart it and then check the status of NRPE.

systemctl restart nrpe
systemctl status nrpe

NRPE should not show any errors. if it does, check the output of systemctl status nrpe

# systemctl status nrpe.service
● nrpe.service – Nagios Remote Plugin Executor
Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2017-11-20 11:33:34 EST; 24h ago
Docs: http://www.nagios.org/documentation
Process: 2867 ExecStopPost=/bin/rm -f /usr/local/nagios/var/nrpe.pid (code=exited, status=0/SUCCESS)
Main PID: 2872 (nrpe)
CGroup: /system.slice/nrpe.service
└─2872 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cf

Nov 21 11:38:46 syslog.oneweb.net sudo[4111]: nagios : TTY=unknown ; PWD=/…d
Nov 21 11:43:44 syslog.oneweb.net sudo[4236]: nagios : TTY=unknown ; PWD=/…d
Nov 21 11:48:41 syslog.oneweb.net sudo[4334]: nagios : TTY=unknown ; PWD=/…d
Nov 21 11:53:40 syslog.oneweb.net sudo[4436]: nagios : TTY=unknown ; PWD=/…d
Nov 21 11:58:39 syslog.oneweb.net sudo[4614]: nagios : TTY=unknown ; PWD=/…d
Nov 21 12:03:37 syslog.oneweb.net sudo[4734]: nagios : TTY=unknown ; PWD=/…d
Nov 21 12:08:36 syslog.oneweb.net sudo[4833]: nagios : TTY=unknown ; PWD=/…d
Nov 21 12:13:35 syslog.oneweb.net sudo[4934]: nagios : TTY=unknown ; PWD=/…d
Nov 21 12:18:34 syslog.oneweb.net sudo[5030]: nagios : TTY=unknown ; PWD=/…d
Nov 21 12:23:32 syslog.oneweb.net sudo[5133]: nagios : TTY=unknown ; PWD=/…d
Hint: Some lines were ellipsized, use -l to show in full.

Next, restart the XINETD services.

systemctl restart xinetd.service
systemctl status xinetd.service

You should get the following output from a status check:

# systemctl status xinetd.service
● xinetd.service – Xinetd A Powerful Replacement For Inetd
Loaded: loaded (/usr/lib/systemd/system/xinetd.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2017-11-20 10:57:48 EST; 1 day 1h ago
Main PID: 2122 (xinetd)
CGroup: /system.slice/xinetd.service
└─2122 /usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid

Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing discard
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing discard
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing echo
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing echo
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing nrpe
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing tcpmux
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing time
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: removing time
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: xinetd Version 2.3.15 starte….
Nov 20 10:57:48 syslog.oneweb.net xinetd[2122]: Started working: 0 available…s
Hint: Some lines were ellipsized, use -l to show in full.

After this has been completed, wait for Nagios to check the services and you should see the statuses go from orange (unknown) to green (ok)

if you are getting a Socket or refused connection error, check the local firewall setting on the client machine.

firewall-cmd --permanent --add-port=5666/tcp

Once the firewall rule has been added, reload it

firewall-cmd --reload

Go back to your Nagios server and force an imidate check.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s