3 - Installation - NRPE Client (CentOS 6.

5) - How To - Gutzmann GmbH

https://wiki.gutzmann.com/confluence/pages/viewpage.action?pageId=12681241[11/09/2014 11:53:43 CH]
3 - Installation - NRPE Client (CentOS 6.5)

References
Prepare system
/etc/hosts
/etc/sysconfig/network
/etc/services
/etc/resolv.conf
Install latest updates
Install prerequisites
Start NTP
Start XINETD
Add Users and groups
Apache
Firewall settings
Download Nagios and related software
Install Nagios Plugins
Install and setup NRPE
Install NRPE client
Configure xinetd
Restrict access to Nagios server
Set up logging
Test NRPE locally
Customize NRPE commands
Test NRPE from the Nagios monitoring server
References
Nagios: http://assets.nagios.com/downloads/nagioscore/docs/Installing_Nagios_Core_From_Source.pdf
NRPE: http://nagios.sourceforge.net/docs/nrpe/NRPE.pdf
Prepare system
/etc/hosts
The host table must include information about the current host, for example
10. 3. 1. 16 wi ki - uh. gut zmann. com wi ki
/etc/sysconfig/network
The hostname should be set up accordingly in / et c/ sysconf i g/ net wor k:
HOSTNAME=" wi ki . gut zmann. com"
/etc/services
Add the NRPE port to /etc/services:
vi / et c/ ser vi ces
locate "5671" and insert before:
Created by Thomas Gutzmann, last modified on 2014-04-22
Dashboard
Tools How To
Dashboard Public How To Pages Nagios - Transcripts Log
in

3 - Installation - NRPE Client (CentOS 6.5) - How To - Gutzmann GmbH

https://wiki.gutzmann.com/confluence/pages/viewpage.action?pageId=12681241[11/09/2014 11:53:43 CH]
nr pe 5666/ t cp # NRPE
/etc/resolv.conf
Out of context: You should consider using a fast DNS server. I found that Google DNS is much faster than those of
most hosting providers.
vi / et c/ r esol v. conf
Insert the line
nameser ver 8. 8. 8. 8
before all other nameserver directives.
Install latest updates
yumupdat e
Install prerequisites
Some of the packages may already have been installed. If during the installation on your particular server you find any
other missing packages, please be so kind to add a comment to this post.
yumi nst al l bi nd- ut i l s php nt p xi net d openssl - devel make gcc wget
Make sure that Perl is installed by typing "per l - v". If it's missing, add it by:
yumi nst al l per l
Start NTP
It's important that all servers show the correct time:
ser vi ce nt pd st ar t
chkconf i g nt pd on
If the system is running on a virtual machine, NTP may fail with the following error message in /var/log/messages:
cap_set_proc() failed to drop root privileges: Operation not permitted
See here how to handle this problem.
Start XINETD
Check if xinetd is running and start it otherwise:
ser vi ce xi net d st at us
If not running:
ser vi ce xi net d st ar t
Add Users and groups
user add nagi os
gr oupadd nagcmd
user mod - a - G nagcmd nagi os
Apache
If Apache is installed on the client and you want to have it monitored, make sure that an "index.html" exists:
t ouch / var / www/ ht ml / i ndex. ht ml
Firewall settings
3 - Installation - NRPE Client (CentOS 6.5) - How To - Gutzmann GmbH
https://wiki.gutzmann.com/confluence/pages/viewpage.action?pageId=12681241[11/09/2014 11:53:43 CH]
Consider setting up your firewall for dynamic DNS names.
Add the following line to /etc/sysconfig/iptables, replacing the monitoring server name as required:
vi / et c/ sysconf i g/ i pt abl es
- A I NPUT - mst at e - - st at e NEW- mt cp - p t cp - s moni t or - a. gut zmann. com - - dpor t 5666 - j
ACCEPT
Restart the firewall:
ser vi ce i pt abl es r est ar t
Download Nagios and related software

Install Nagios Plugins
cd / t mp/ nagi os- pl ugi ns- *
. / conf i gur e - - wi t h- nagi os- user =nagi os - - wi t h- nagi os- gr oup=nagi os
make
make i nst al l
Install and setup NRPE
Install NRPE client
cd / t mp/ nr pe- *
. / conf i gur e
make al l
make i nst al l - pl ugi n
make i nst al l - daemon
make i nst al l - daemon- conf i g
make i nst al l - xi net d
Configure xinetd
Restrict access to Nagios server
vi / et c/ xi net d. d/ nr pe
locate the line starting with "only_from" and append the address(es) of the Nagios monitoring server(s). In this
example we are using 81.20.136.81.
IPv4 only:
onl y_f r om = 127. 0. 0. 1 10. 3. 1. 14
IPv4 and IPv6:
onl y_f r om = 127. 0. 0. 1 81. 20. 136. 81 : : f f f f : 10. 3. 1. 14
Make sure the nrpe daemon is running under xinetd:
net st at - at | gr ep nr pe
The output out this command should show something like this:
t cp 0 0 *: nr pe *: * LI STEN
If you don't see this output, try to restart XINETD:
ser vi ce xi net d r est ar t
If the test still fails, check / var / l og/ messages.
Check at websites below for more recent versions.
3 - Installation - NRPE Client (CentOS 6.5) - How To - Gutzmann GmbH
https://wiki.gutzmann.com/confluence/pages/viewpage.action?pageId=12681241[11/09/2014 11:53:43 CH]
Set up logging
Make sure that xinetd writes to its own log file, so it doesn't clutter /var/log/messages.
vi / et c/ xi net d. conf
locate the line defining "log_type", and replace it by
l og_t ype = FI LE / var / l og/ xi net dl og
Test NRPE locally
Next, check to make sure the NRPE daemon is functioning properly. To do this, run the check_nrpe plugin that was
installed for testing purposes.
/ usr / l ocal / nagi os/ l i bexec/ check_nr pe - H 127. 0. 0. 1
You should get a string back that tells you what version of NRPE is installed, like this:
NRPE v2. 15
Customize NRPE commands
Add commands to NRPE by editing /usr/local/nagios/etc/nrpe.cfg. Here is an example:
vi / usr / l ocal / nagi os/ et c/ nr pe. cf g
locate the sections listing NRPE commands and add:
command[ check_r oot ] =/ usr / l ocal / nagi os/ l i bexec/ check_di sk - w 20% - c 10% - p /
command[ check_home] =/ usr / l ocal / nagi os/ l i bexec/ check_di sk - w 20% - c 10% - p / home
Now test the new commands:
/ usr / l ocal / nagi os/ l i bexec/ check_nr pe - H 127. 0. 0. 1 - c check_home
Test NRPE from the Nagios monitoring server
At your Nagios monitoring server (not the one you're running this installation!), run the following command, replacing
"wiki.gutzmann.com" with the name of the actual client server:
/ usr / l ocal / nagi os/ l i bexec/ check_nr pe - H 10. 3. 1. 17 - c check_l oad
If you see an error message indicating that check_nrpe was not found, check that you didn't miss the definition on the
command in /usr/local/nagios/etc/objects/commands.cfg; see "1 - Installation - Nagios Server (CentOS 6.4)".
If you see the error message "CHECK_NRPE: Error - Could not complete SSL handshake.", you should check:
Went something wrong with the firewall configuration? Try "t el net 10. 3. 1. 17 5666" from the Nagios
server (replace the IP name with the name or address of your NRPE client). Enter "QUIT" do stop the telnet
session (there are more correct ways, but this will do).
Check all configuration files if you accidentally entered sample data from this How-To.
Make sure that you actually testing from the Nagios monitoring server and not from the host you just installed
NRPE Client on. Reason is that you didn't allow the client's public IP address in /etc/xinet.d/nrpe, just localhost
and the Nagios server.
No labels
For comments and questions please contact wiki<at>gutzmann.com.
Powered by Atlassian Confluence, a Confluence theme by RefinedWiki