Nagios

nrpe - Daemon and plugin for executing plugins on remote hosts

Introduction

On of the features of Nagios is that is can process service check results that are submitted by external applications. Service checks which are performed and submitted to Nagios by external apps are called passive checks. Passive checks can be contrasted with active checks, which are service checks that have been initiated by Nagios.

Why The Need For Passive Checks?

Passive checks are useful for monitoring services that are:

• located behind a firewall, and can therefore not be checked actively from the host running Nagios
• asynchronous in nature and can therefore not be actively checked in a reliable manner (e.g. SNMP traps, security alerts, etc.)

How Do Passive Checks Work?

When setting up alerts in Nagios some are better to be active while others can be passive.  Further Active monitoring can be executed either on the Nagios server or started from Nagios but executed remotely, see diagram.

1. Active Service Checks are initated by Nagios
   • Ping or service check of exposed resources
   • Remote Execution (nrpe) (ssh) for checking local resources like disk usage, processor load
2. Passive Service Checks are initated by exteral commands
   • Passive Checks are good for handling asynchronous events such as:
     • security alerts
     • when scanning log files for errors
     • handling alerts from 3rd party software.

Event Correlation and Analysis Market Definition and Architecture Description, 2009
Debra Curtis, David Williams

When embarking on an event correlation and analysis (ECA) project, it's important to consider the right event management specialist  products, manager of managers (MoMs) and business service management (BSM) options, pulling together the appropriate sources and data types supported by the right ECA architecture.

Basic Setup

On fedora or CentOS just install the RPM for Nagios and the plugins

yum install nagios

Edit the config files in /etc/nagios/objects

Check the config files are valid by typing

nagios -v /etc/nagios/nagios.cfg

Start nagios by typing

/etc/init.d/nagios restart

A Plugin is command-line script or executable to check the status of host or specific service. Whenever Nagios wants to check the service- or host-state it executes an plugin on the server or the remote host via NSClient++, check_by_ssh or NRPE.

The main difference between a NagiosPlugin and an NagiosAddon is Nagios addons are an extensions to the base-system monitoring on the server. There are two types of Nagios Addons available.

• Core-Addons (Addons provided by the Nagios-Developer Ethan Galstad)
• Community-Addons(Addons provied by the Nagios-Community)

Nagios Core Addons

Database

NDOUtils

NDOUtils allows you to export current and historical data from one or more Nagios instances to a MySQL database. Several community addons use this as one of their data sources.

Nagios, the most popular open source solution for system and network monitoring, is extremely robust, but it's also intensely complex.