Nagios
Error: “ldap_bind: Can’t contact LDAP server (-1)” on nagios check
Nagios check_ldaps plugin working with SSL or TLS
Error:
[root@nagios libexec]# ./check_ldaps -H 10.0.0.51 -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v
ldap_bind: Can't contact LDAP server (-1) additional info: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user. Could not bind to the LDAP server
To fix this issue, simple understand the client is not issuing certificate, The client environment is not fully configured. so I configure the bellow setting. It works charm in both ways, byt ignoring the SSL check or adding client certificate,
Create new configuration file if not exist, /etc/openldap/ldap.conf
Ignoring SSL certificate, Add the bellow settings
TLS_REQCERT never
TLS_CACERT /etc/openldap/certs/ldap-client-ca.crt
Output:
root@nagios libexec]# ./check_ldaps -H 10.0.0.51 -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v LDAP OK - 0.062 seconds response time|time=0.061526s;10.000000;15.000000;0.000000
Info: Installing Nagios with Graph,SMS,NRPE,back-end Nconf as administration.
Nagios is perfect monitoring tool used as watch dog of servers, we get alerts even we are not touch with internet using SMS service. We can also have good graph to get report.
Pre-Installation:We have to check whether the pre-requirements are satisfied else follow the steps below.
OS Version
[root@nagios-server ~]# cat /etc/redhat-release CentOS release 5.8 (Final)
Add additional offical centos repository.
[root@nagios-server ~]# mkdir /home/installer [root@nagios-server installer]# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm [root@nagios-server installer]# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt [root@nagios-server installer]# rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm
1.Nagios Installation
Dependencies :
yum install gcc glibc glibc-common gd gd-devel openssl openssl-devel
Pre-Installion steps
useradd -M nagios groupadd nagcmd usermod -a -G nagcmd nagios usermod -a -G nagcmd apache
Download-Packages
wget http://ncu.dl.sourceforge.net/project/nagios/nagios-3.x/nagios-3.4.4/nagios-3.4.4.tar.gz wget http://nchc.dl.sourceforge.net/project/nagiosplug/nagiosplug/1.4.16/nagios-plugins-1.4.16.tar.gz wget http://downloads.sourceforge.net/project/nconf/nconf/1.3.0-0/nconf-1.3.0-0.tgz wget https://www.monitoringexchange.org/attachment/download/Artwork/Image-Packs/Base-Images/imagepak-base.tar.tar wget http://sourceforge.net/projects/pnp4nagios/files/latest/download
Installation
tar -zxvf nagios-3.4.4.tar.gz cd nagios ./configure –with-command-group=nagcmd make all make install make install-init make install-config make install-commandmode make install-webconf htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin tar -zxvf nagios-plugins-1.4.16.tar.gz cd nagios-plugins-1.4.16 ./configure ; make ; make install service httpd restart service nagios restart
httpd://localhost/nagios
2.Nconf Installation
yum install mysql-server mysql mysql-devel php-common php-mysql tar -zxvf nconf-1.3.0-0.tgz cd nconf cp -r nconf /usr/local/nagios/Admin chown -R nagios.nagcmd /usr/local/nagios/ chmod 775 /usr/local/nagios/var/objects.cache rm -rf /usr/local/nagios/etc/objects/* cd /usr/local/nagios/Admin chmod -R 775 config output static_cfg temp echo "Alias /nagios/Admin /usr/local/nagios/Admin" >> /etc/httpd/conf.d/nagios.conf tar -xvf imagepak-base.tar.tar cp -r base/ /usr/local/nagios/share/images/logos/ chown -R nagios.nagcmd /usr/local/nagios/share/images/logos/
Create Mysql datace for Nconf
mysql> create database nconf; mysql> grant all on nconf.* to ncfuser@localhost identified by 'Sedww#42'
Select ==> click here
Welcome to NConf setup
It shows that installation requirements are satisfied.
Select ==>Next
MySQL database configuration
DBHOST : localhost
DBNAME : nconf
DBUSER : ncfuser
DBPASS : Sedww#42
Select ==>Next
General Configuration
NCONFDIR : /usr/local/nagios/Admin
NAGIOS_BIN : /usr/local/nagios/bin/nagios
TEMPLATE_DIR : <No-change>
Select ==>Next
Authentication configuration
AUTH_ENABLED : TRUE (if you need authentication for Nconf)
AUTH_TYPE : file (password saved in a file)
file_admin_password : <Secreat>
Select ==>Next
Check if config files are present
Select ==>Finish
Error (No need to panic delete the files below from nagios)
– INSTALL
– INSTALL.php
– UPDATE
– UPDATE.php
cd /usr/local/nagios/Admin rm -rf INSTALL INSTALL.php UPDATE UPDATE.php
Installation completed, refresh the browser and login with the user admin
Nagios settings deployment :
Edit the file and choose the type if deployment, here I select local deployment.
vi /usr/local/nagios/Admin/config/deployment.ini ;; LOCAL deployment ;; [extract config] type = local source_file = "/usr/local/nagios/Admin/output/NagiosConfig.tgz" target_file = "/tmp/" action = extract [copy collector config] type = local source_file = "/tmp/Default_collector/" target_file = "/usr/local/nagios/etc/objects/Default_collector/" action = copy [copy global config] type = local source_file = "/tmp/global/" target_file = "/usr/local/nagios/etc/objects/global/" action = copy reload_command = "/etc/rc.d/init.d/nagios reload" ;[copy nagios.cfg] ;type = local ;source_file = "/tmp/static_cfg/nagios.cfg" ;target_file = "/etc/nagios/nagios.cfg" ;action = copy ;reload_command = "sudo /etc/rc.d/init.d/nagios reload"
Deployment: Now you can see the Deploy button when you initiating “Generate Nagios config”. Please try the first nagios deployment.
Configuration Backup: Pre-installed addon comes with Nconf. Add the file in crontab and shadule the backup “/usr/local/nagios/Admin/ADD-ONS/backup_db.sh”
3 . Graph – PNP4Nagios
Installation
#yum -y install rrdtool rrdtool-perl php-gd #tar -zxvf pnp4nagios-0.6.20.tar.gz #cd pnp4nagios-0.6.20 #./configure && make all && make install-webconf && make install-config && make install-init && #make fullinstall #service httpd restart #mv /usr/local/pnp4nagios/share/install.php /usr/local/pnp4nagios/share/install.php.sample
Add the Custom Perfomance data
#vim /usr/local/nagios/etc/nagios.cfg ########################## # service performance data ########################## service_perfdata_file=/usr/local/pnp4nagios/var/service-perfdata service_perfdata_file_template=DATATYPE::SERVICEPERFDATA\tTIMET::$TIMET$\tHOSTNAME::$HOSTNAME$\tSERVICEDESC::$SERVICEDESC$\tSERVICEPERFDATA::$SERVICEPERFDATA$\tSERVICECHECKCOMMAND::$SERVICECHECKCOMMAND$\tHOSTSTATE::$HOSTSTATE$\tHOSTSTATETYPE::$HOSTSTATETYPE$\tSERVICESTATE::$SERVICESTATE$\tSERVICESTATETYPE::$SERVICESTATETYPE$ service_perfdata_file_mode=a service_perfdata_file_processing_interval=15 service_perfdata_file_processing_command=process-service-perfdata-file ################################################ # host performance data starting with Nagios 3.0 ################################################ host_perfdata_file=/usr/local/pnp4nagios/var/host-perfdata host_perfdata_file_template=DATATYPE::HOSTPERFDATA\tTIMET::$TIMET$\tHOSTNAME::$HOSTNAME$\tHOSTPERFDATA::$HOSTPERFDATA$\tHOSTCHECKCOMMAND::$HOSTCHECKCOMMAND$\tHOSTSTATE::$HOSTSTATE$\tHOSTSTATETYPE::$HOSTSTATETYPE$ host_perfdata_file_mode=a host_perfdata_file_processing_interval=15 host_perfdata_file_processing_command=process-host-perfdata-file
Add below lines in command.cfg file
#vim /usr/local/nagios/etc/objects/commands.cfg define command{ command_name process-service-perfdata-file command_line /usr/local/pnp4nagios/libexec/process_perfdata.pl --bulk=/usr/local/pnp4nagios/var/service-perfdata } define command{ command_name process-host-perfdata-file command_line /usr/local/pnp4nagios/libexec/process_perfdata.pl --bulk=/usr/local/pnp4nagios/var/host-perfdata }
Reload Nagios to read new configurtaions.
#service nagios reload
Integration Graph with Nagios
Add the below line to templates.cfg
define host { name host-pnp action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_ register 0 } define service { name srv-pnp action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=$SERVICEDESC$ register 0 }
These two templates can now be included via “use srv-pnp” or “use host-pnp” for services and hosts respectively.
define host{ use linux-server,host-pnp ; Name of host templates to use ; This host definition will inherit all variables that are defined ; in (or inherited by) the linux-server host template definition. host_name localhost alias localhost address 127.0.0.1 } define service{ use local-service,srv-pnp ; Name of service template to use host_name localhost service_description PING check_command check_ping!100.0,20%!500.0,60% }
Popups
cp -r pnp4nagios-0.6.20/contrib/ssi/ /usr/local/nagios/share/ssi/ chown -R nagios. /usr/local/nagios/share/ssi/ chmod -x /usr/local/nagios/share/ssi/ *
Modify the templete that already created ad below.
define host { name host-pnp action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_' class='tips' rel='/pnp4nagios/index.php/popup?host=$HOSTNAME$&srv=_HOST_ register 0 } define service { name srv-pnp action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=$SERVICEDESC$' class='tips' rel='/pnp4nagios/index.php/popup?host=$HOSTNAME$&srv=$SERVICEDESC$ register 0 }
After a restart of Nagios (after modifying the definitions) the result might look like this: