Configure Nagios Server to Accept Passive Check Results via NSCA

In the Nagios server terminal, download the NSCA source code. Please note that the following address uses a specific version which was the current version as of the time of authoring this lab. There may be a more recent version available when you go through this lab.

wget https://github.com/NagiosEnterprises/nsca/releases/download/nsca-2.9.2/nsca-2.9.2.tar.gz

Unpack the downloaded file.

tar xvzf nsca-2.9.2.tar.gz

Install the necessary dependencies.

sudo yum install libmcrypt libmcrypt-devel

Transfer to the NSCA directory.

cd nsca-2.9.2

Run the configure file.

sudo ./configure

After verifying there are no errors in the configure output, compile the NSCA binary.

sudo make all

Copy over the necessary files.

sudo cp /home/cloud_user/nsca-2.9.2/src/nsca /usr/local/nagios/bin/
sudo cp /home/cloud_user/nsca-2.9.2/src/send_nsca /usr/local/nagios/bin/
sudo cp /home/cloud_user/nsca-2.9.2/sample-config/nsca.cfg /usr/local/nagios/etc/
sudo cp /home/cloud_user/nsca-2.9.2/sample-config/send_nsca.cfg /usr/local/nagios/etc/

Edit the NSCA config file.

sudo vim /usr/local/nagios/etc/nsca.cfg

Under the "SERVER ADDRESS" section, uncomment the line for setting server_address. Change the value to the private IP address for your Nagios server.

Under the "DEBUGGING OPTION" section, change the value of Debug to be 1.

Save your changes and exit the editor.

Change the ownership of the appropriate NSCA files.

sudo chown nagios:nagios /usr/local/nagios/etc/nsca.cfg
sudo chown nagios:nagios /usr/local/nagios/etc/send_nsca.cfg
sudo chown nagios:nagios /usr/local/nagios/bin/nsca
sudo chown nagios:nagios /usr/local/nagios/bin/send_nsca

Change the permissions for the configuration files.

sudo chmod g+r /usr/local/nagios/etc/send_nsca.cfg
sudo chmod g+r /usr/local/nagios/etc/nsca.cfg

Open a second client and log into the Linux client using the credentials provided on the hands-on lab page.

ssh cloud_user@PUBLIC_LINUXCLIENT_ADDRESS

In the Linux client, monitor the messages log.

sudo tail -f /var/log/messages

Back in the Nagios server, run Nagios.

sudo /usr/local/nagios/bin/nsca -c /usr/local/nagios/etc/nsca.cfg

Add a firewall rule and then reload the firewall.

sudo firewall-cmd --permanent --add-port=5667/tcp
sudo firewall-cmd --reload

Return to the home folder of the current user.

cd ..

Create the test file.

touch /home/cloud_user/testFile

Open the test file.

vim /home/cloud_user/testFile

Add the following data to the file. Use a tab as a delimiter between items.

PRIVATE_NAGIOS_ADDRESS  check uptime    0   IT WORKS!!!!

Save your changes and exit the editor.

Attempt to send information to the Linux client.

/usr/local/nagios/bin/send_nsca PRIVATE_NAGIOS_ADDRESS 
    -c /usr/local/nagios/etc/send_nsca.cfg < /home/cloud_usr/testFile

Verify the packet arrived on the Linux client.

In the Nagios server terminal, edit the commands configuration file.

sudo vim /usr/local/nagios/etc/objects/commands.cfg

Add the following text to the file.

define command {
    command_name    uptime
    command_line    /nagioscore-nagios-4.4.3/nagios-plugins-master/plugins/check_uptime
}

Save your changes and exit the editor.

Edit the templates configuration file.

sudo vim /usr/local/nagios/etc/objects/templates.cfg

Add the following template to the bottom of the file.

define service {

        use generic-service
        name passive_service
        active_checks_enabled 0
        passive_checks_enabled 1
        flap_detection_enabled 0
        register 0
        check_interval 1
        check_period 24x7
        max_check_attempts 2
        notification_interval 1
        notification_period 24x7
        notification_options w,u,c,r

}

Save your changes and exit the editor.

Create the Linux-Client.cfg file and edit it.

sudo touch /usr/local/nagios/etc/objects/Linux-Client.cfg
sudo vim /usr/local/nagios/etc/objects/Linux-Client.cfg

Add the following text to the file.

define host {
    use         linux-server
    host_name   Linux_Client
    alias       linuxClient
    address     PRIVATE_NAGIOS_ADDRESS
}

define hostgroup {

    hostgroup_name  my-linux-servers
    alias           My Linux Servers
    members         Linux_Client
}

define service {

    use                     passive_service
    host_name               Linux_Client
    service_destription     check uptime
    check_command           uptime
}

Save your changes and exit the editor.

Edit the Nagios configuration file.

sudo vim /usr/local/nagios/etc/nagios.cfg

Add the following to the top of the file.

# My Definitions
cfg_file=/usr/local/nagios/etc/objects/Linux-Client.cfg

Save your changes and exit the editor.

Restart Nagios.

sudo systemctl restart nagios

Check the status of Nagios.

sudo systemctl status nagios

Test the connection.

/usr/local/nagios/bin/send_nsca PRIVATE_NAGIOS_ADDRESS 
    -c /usr/local/nagios/etc/send_nsca.cfg < /home/could_user/testFile

Verify the package is received on the Linux Client.

Open a browser window and navigate to http://PUBLIC_NAGIOS_ADDRESS/nagios.

Log in with the username "nagiosadmin" and the password "BlaBla321", without quotes.

Click Services on the left-hand menu.

Verify check uptime is running and has a status of OK.

Return to the server terminal and open the NSCA configuration file.

sudo vim /usr/local/nagios/etc/nsca.cfg

Under "DECRYPTION PASSWORD", uncomment the password variable and set it to "Tralala321".

Under "DECRYPTION METHOD", set the decryption_method variable to 1.

Save your changes and exit the editor.

Open the send_nsca.cfg file.

sudo vim /usr/local/nagios/etc/send_nsca.cfg

Under "ENCRYPTION PASSWORD", uncomment the password variable and set it to "Tralala321".

Under "ENCRYPTION METHOD", set the encryption_method variable to 1.

Save your changes and exit the editor.

Find and kill the nsca process.

ps aux | grep -i nsca
sudo kill ID_FOR_NSCA_PROCESS

Restart the service.

sudo /usr/local/nagios/bin/nsca -c /usr/local/nagios/etc/nsca.cfg

Confirm the process is running.

ps aux | grep -i nsca

Create an SSH key pair.

ssh-keygen

In a new terminal, log into the Linux client using the credential from the hands-on lab page.

ssh cloud_user@PUBLIC_LINUXCLIENT_ADDRESS

Edit the SSH authorized keys list and navigate to the bottom of the file.

vim /home/cloud_user/.ssh/authorized_keys

In the Nagios server terminal, open the file with the generated key from a previous step.

vim /home/cloud_user/.ssh/id_rsa.pub

Select the entire key and copy it, then quit the editor.

Paste the key into the bottom of the file in the Linux client terminal.

Save your changes and exit the editor.

In the Nagios sever terminal, attempt to log into the Linux client.

ssh cloud_user@PUBLIC_LINUXCLIENT_ADDRESS

Log out of the Linux client.

exit

Copy files over to the Linux client.

scp /usr/local/nagios/bin/send_nsca 
    cloud_user@PUBLIC_LINUXCLIENT_ADDRESS:/home/cloud_user/
scp /usr/local/nagios/etc/send_nsca.cfg 
    cloud_user@PUBLIC_LINUXCLIENT_ADDRESS:/home/cloud_user/

In the Nagios server terminal, edit the Linux-Client.cfg file.

sudo vim /usr/local/nagios/etc/objects/Linux-Client.cfg

Add the following service definition to the bottom of the file.

define service {

    use                     passive_service
    host_name               Linux_Client
    service_description     check uptime
    check_command           uptime
}

At the beginning of the file, under the host definition, update the address parameter to the Linux client public IP.

Save your changes and close the editor.

Update the commands configuration file.

sudo vim /usr/local/nagios/etc/objects/commands.cfg

Define a new command at the top by adding the following text.

define command {
    command_name    check_disk
    command_line    /nagioscore-nagios-4.4.3/nagios-plugins-master/plugins/check_disk
}

Save your changes and exit the editor.

Go back to the client and install wget.

sudo yum install wget

Download and install the missing packages

wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
sudo rpm -ivh epel-release-latest-7.noarch.rpm
sudo yum install libmcrypt libmcrypt-devel

Install nagios-plugins-disk.

sudo yum install nagios-plugins-disk

Create the script file.

touch /home/cloud_user/disk_Passive_check.sh

Edit the new script file.

sudo vim /home/cloud_user/disk_Passive_check.sh

Add the following text to the file. Note that this includes text added later in the video.

send_nsca_cfg="/home/cloud_user/send_nsca.cfg"
host=Linux_Client
service_desc="check disk"
cmd="/usr/lib64/nagios/plugins/check_disk -w 10% -c 5% /"
raw_result="$($cmd)"

msg="$(awk '{print $4 $5 $6 $7 $8 $9 $10 $11}' <<< $raw_result | tr -d \; | tr-d \|)"

status="$(awk '{print $2'} <<< $raw_result)"

if [ $status == "OK"    ]; then
    status=0
elif [ $status == "WARNING" ]; then
    status=1
elif [ $status == "CRITICAL" ]; then
    status=2
elif [ $status == "UNKNOWN" ]; then
    status=3
fi

echo "$host;$service_desc;$status;$msg" | /home/cloud_user/send_nsca -H PRIVATE_NAGIOS_ADDRESS -d ';' -c $send_nsca_cfg

Save your changes and exit the editor.

Change the permissions for disk_Passive_check.sh.

chmod +x disk_Passive_check.sh

Run the script.

/home/cloud_user/disk_Passive_check.sh

Open a browser window and navigate to http://PUBLIC_NAGIOS_ADDRESS/nagios.

Log in with the username "nagiosadmin" and the password "BlaBla321", without quotes.

Click Services on the left-hand menu.

Verify the service check disk is running and has status information.

Click check disk. Verify the timestamp of the check.

In the terminal for the Linux client, run crontab.

sudo crontab -e

Add the following text.

* * * * * /home/could_user/disk_Passive_check.sh

Save your changes and exit the editor.