Nagios

Error: “ldap_bind: Can’t contact LDAP server (-1)” on nagios check

Posted on Updated on

Nagios check_ldaps plugin working with SSL or TLS
Error:

[root@nagios libexec]# ./check_ldaps  -H 10.0.0.51  -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v
ldap_bind: Can't contact LDAP server (-1)
 additional info: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user.
 Could not bind to the LDAP server

 

To fix this issue, simple understand the client is not issuing certificate, The client environment is not fully configured. so I configure the bellow setting. It works charm in both ways, byt ignoring the SSL check or adding client certificate,

Create new configuration file if not exist, /etc/openldap/ldap.conf

Ignoring SSL certificate, Add the bellow settings

TLS_REQCERT never
TLS_CACERT /etc/openldap/certs/ldap-client-ca.crt

Output:

root@nagios libexec]# ./check_ldaps -H 10.0.0.51 -w 10 -c 15 -b dc=tolven,dc=com -p 636 -v
LDAP OK - 0.062 seconds response time|time=0.061526s;10.000000;15.000000;0.000000
Advertisements

Info: Installing Nagios with Graph,SMS,NRPE,back-end Nconf as administration.

Posted on Updated on

Nagios is perfect monitoring tool used as watch dog of servers, we get alerts even we are not touch with internet using SMS service. We can also have good graph to  get report.

Pre-Installation:We have to check whether the pre-requirements are satisfied else follow the steps below.

OS Version

[root@nagios-server ~]# cat /etc/redhat-release
CentOS release 5.8 (Final)

Add additional offical centos repository.

[root@nagios-server ~]# mkdir /home/installer
[root@nagios-server installer]# wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.i386.rpm
[root@nagios-server installer]# rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
[root@nagios-server installer]# rpm -i rpmforge-release-0.5.2-2.el5.rf.*.rpm

1.Nagios Installation

Dependencies :

yum install gcc glibc glibc-common gd gd-devel openssl openssl-devel

Pre-Installion steps

useradd -M nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache

Download-Packages

wget http://ncu.dl.sourceforge.net/project/nagios/nagios-3.x/nagios-3.4.4/nagios-3.4.4.tar.gz
wget http://nchc.dl.sourceforge.net/project/nagiosplug/nagiosplug/1.4.16/nagios-plugins-1.4.16.tar.gz
wget http://downloads.sourceforge.net/project/nconf/nconf/1.3.0-0/nconf-1.3.0-0.tgz
wget https://www.monitoringexchange.org/attachment/download/Artwork/Image-Packs/Base-Images/imagepak-base.tar.tar
wget http://sourceforge.net/projects/pnp4nagios/files/latest/download

Installation

tar -zxvf nagios-3.4.4.tar.gz
cd nagios
./configure –with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode
make install-webconf
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
tar -zxvf nagios-plugins-1.4.16.tar.gz
cd nagios-plugins-1.4.16
./configure ; make ; make install
service httpd restart
service nagios restart

httpd://localhost/nagios

2.Nconf Installation

yum install mysql-server mysql mysql-devel php-common php-mysql
tar -zxvf nconf-1.3.0-0.tgz
cd nconf
cp -r nconf /usr/local/nagios/Admin
chown -R nagios.nagcmd /usr/local/nagios/
chmod 775 /usr/local/nagios/var/objects.cache
rm -rf /usr/local/nagios/etc/objects/*
cd /usr/local/nagios/Admin
chmod -R 775 config output static_cfg temp
echo "Alias /nagios/Admin /usr/local/nagios/Admin" >> /etc/httpd/conf.d/nagios.conf
tar -xvf imagepak-base.tar.tar
cp -r base/ /usr/local/nagios/share/images/logos/
chown -R nagios.nagcmd /usr/local/nagios/share/images/logos/

Create Mysql datace for Nconf

mysql> create database nconf;
mysql> grant all on nconf.* to ncfuser@localhost identified by 'Sedww#42'

http://localhost/nagios/Admin

Select ==> click here

Welcome to NConf setup

It shows that installation requirements are satisfied.

Select ==>Next

MySQL database configuration

DBHOST : localhost
DBNAME : nconf
DBUSER : ncfuser
DBPASS : Sedww#42

Select ==>Next

General Configuration
NCONFDIR : /usr/local/nagios/Admin
NAGIOS_BIN : /usr/local/nagios/bin/nagios
TEMPLATE_DIR : <No-change>

Select ==>Next

Authentication configuration

AUTH_ENABLED : TRUE (if you need authentication for Nconf)
AUTH_TYPE : file (password saved in a file)
file_admin_password : <Secreat>

Select ==>Next

Check if config files are present

Select ==>Finish

Error (No need to panic delete the files below from nagios)

– INSTALL
– INSTALL.php
– UPDATE
– UPDATE.php

cd /usr/local/nagios/Admin
rm -rf INSTALL INSTALL.php UPDATE UPDATE.php

Installation completed, refresh the browser and login with the user admin

Nagios settings deployment :

Edit the file and choose the type if deployment, here I select local deployment.

vi /usr/local/nagios/Admin/config/deployment.ini
;; LOCAL deployment ;;
[extract config]
type = local
source_file = "/usr/local/nagios/Admin/output/NagiosConfig.tgz"
target_file = "/tmp/"
action = extract
[copy collector config]
type = local
source_file = "/tmp/Default_collector/"
target_file = "/usr/local/nagios/etc/objects/Default_collector/"
action = copy
[copy global config]
type = local
source_file = "/tmp/global/"
target_file = "/usr/local/nagios/etc/objects/global/"
action = copy
reload_command = "/etc/rc.d/init.d/nagios reload"
;[copy nagios.cfg]
;type = local
;source_file = "/tmp/static_cfg/nagios.cfg"
;target_file = "/etc/nagios/nagios.cfg"
;action = copy
;reload_command = "sudo /etc/rc.d/init.d/nagios reload"

Deployment: Now you can see the Deploy button when you initiating “Generate Nagios config”. Please try the first nagios deployment.

Configuration Backup: Pre-installed addon comes with Nconf. Add the file in crontab and shadule the backup “/usr/local/nagios/Admin/ADD-ONS/backup_db.sh”

3 . Graph – PNP4Nagios

Installation

#yum -y install rrdtool rrdtool-perl php-gd
#tar -zxvf pnp4nagios-0.6.20.tar.gz
#cd pnp4nagios-0.6.20
#./configure && make all && make install-webconf && make install-config && make install-init && #make fullinstall
#service httpd restart
#mv /usr/local/pnp4nagios/share/install.php /usr/local/pnp4nagios/share/install.php.sample

Add the Custom Perfomance data

#vim /usr/local/nagios/etc/nagios.cfg
##########################
# service performance data
##########################
service_perfdata_file=/usr/local/pnp4nagios/var/service-perfdata
service_perfdata_file_template=DATATYPE::SERVICEPERFDATA\tTIMET::$TIMET$\tHOSTNAME::$HOSTNAME$\tSERVICEDESC::$SERVICEDESC$\tSERVICEPERFDATA::$SERVICEPERFDATA$\tSERVICECHECKCOMMAND::$SERVICECHECKCOMMAND$\tHOSTSTATE::$HOSTSTATE$\tHOSTSTATETYPE::$HOSTSTATETYPE$\tSERVICESTATE::$SERVICESTATE$\tSERVICESTATETYPE::$SERVICESTATETYPE$
service_perfdata_file_mode=a
service_perfdata_file_processing_interval=15
service_perfdata_file_processing_command=process-service-perfdata-file
################################################
# host performance data starting with Nagios 3.0
################################################
host_perfdata_file=/usr/local/pnp4nagios/var/host-perfdata
host_perfdata_file_template=DATATYPE::HOSTPERFDATA\tTIMET::$TIMET$\tHOSTNAME::$HOSTNAME$\tHOSTPERFDATA::$HOSTPERFDATA$\tHOSTCHECKCOMMAND::$HOSTCHECKCOMMAND$\tHOSTSTATE::$HOSTSTATE$\tHOSTSTATETYPE::$HOSTSTATETYPE$
host_perfdata_file_mode=a
host_perfdata_file_processing_interval=15
host_perfdata_file_processing_command=process-host-perfdata-file

Add below lines in command.cfg file

#vim /usr/local/nagios/etc/objects/commands.cfg
define command{
command_name process-service-perfdata-file
command_line /usr/local/pnp4nagios/libexec/process_perfdata.pl --bulk=/usr/local/pnp4nagios/var/service-perfdata
}
define command{
command_name process-host-perfdata-file
command_line /usr/local/pnp4nagios/libexec/process_perfdata.pl --bulk=/usr/local/pnp4nagios/var/host-perfdata
}

Reload Nagios to read new configurtaions.

#service nagios reload

Integration Graph with Nagios

Add the below line to templates.cfg

define host {
name host-pnp
action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_
register 0
}
define service {
name srv-pnp
action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=$SERVICEDESC$
register 0
}

These two templates can now be included via “use srv-pnp” or “use host-pnp” for services and hosts respectively.

define host{
 use linux-server,host-pnp ; Name of host templates to use
 ; This host definition will inherit all variables that are defined
 ; in (or inherited by) the linux-server host template definition.
host_name localhost
alias localhost
address 127.0.0.1
}
define service{
use local-service,srv-pnp ; Name of service template to use
host_name localhost
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}

Popups

cp -r pnp4nagios-0.6.20/contrib/ssi/ /usr/local/nagios/share/ssi/
chown -R nagios. /usr/local/nagios/share/ssi/
chmod -x /usr/local/nagios/share/ssi/ *

Modify the templete that already created ad below.

define host {
name host-pnp
action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=_HOST_' class='tips' rel='/pnp4nagios/index.php/popup?host=$HOSTNAME$&srv=_HOST_
register 0
}
define service {
name srv-pnp
action_url /pnp4nagios/index.php/graph?host=$HOSTNAME$&srv=$SERVICEDESC$' class='tips' rel='/pnp4nagios/index.php/popup?host=$HOSTNAME$&srv=$SERVICEDESC$
register 0
}

After a restart of Nagios (after modifying the definitions) the result might look like this:

Graph