Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
This is in continuation of my previous post wherein error message "Error message : Error: Could not complete SSL handshake. 5" is getting written to /var/log/messages every min. All the services are in ok state. The requirement is how to avoid these messages or not to log any of the error messages generated by nrpe in any of the log file.
After upgrading to latest nrpe agent and editing syslog settings to stop logging all of the nrpe messages using the example below for the syslog config file, /var/log/message file is not generating any logs even though rsyslog is working fine. If system logs will not written to /var/log/messages then it is an issue.
Could you please suggest how to resolve this issue.
Hello, @chimborah. I don't see how adding this part nrpe.none could stop all rsyslogs to the messages file. But you could remove that part and restart rsyslog:
Would that restore logging? Also, since all the nrpe checks are OK, I wonder where the handshake message comes from. Do you happen to have other nrpe checks at all?Perhaps, after you revert the rsyslog settings you could share the messages.log file with us.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
[root@HostName log]# cat messages
Jan 9 14:31:12 HostName kernel: imklog 5.8.10, log source = /proc/kmsg started.
Jan 9 14:31:12 HostName rsyslogd: [origin software="rsyslogd" swVersion="5.8.10" x-pid="29420" x-info="http://www.rsyslog.com"] start
Jan 9 14:33:52 HostName nrpe[29572]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 31950
Jan 9 14:33:52 HostName nrpe[29572]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:52 HostName nrpe[29572]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:52 HostName nrpe[29572]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:33:53 HostName nrpe[29576]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 1xxx
Jan 9 14:33:53 HostName nrpe[29576]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:53 HostName nrpe[29576]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:53 HostName nrpe[29576]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:33:53 HostName nrpe[29580]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 4xxx
Jan 9 14:33:53 HostName nrpe[29580]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:53 HostName nrpe[29580]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:53 HostName nrpe[29580]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:33:53 HostName nrpe[29580]: Error: (!log_opts) Could not complete SSL handshake with 10.x.x.x: 5
Jan 9 14:33:53 HostName nrpe[29582]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 8xxx
Jan 9 14:33:53 HostName nrpe[29582]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:53 HostName nrpe[29582]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:53 HostName nrpe[29582]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:33:55 HostName nrpe[29584]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 1xxxx
Jan 9 14:33:55 HostName nrpe[29584]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:55 HostName nrpe[29584]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:55 HostName nrpe[29584]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:33:58 HostName nrpe[29592]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 3xxx
Jan 9 14:33:58 HostName nrpe[29592]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:58 HostName nrpe[29592]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:33:58 HostName nrpe[29592]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:34:00 HostName nrpe[29597]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 5xxxx
Jan 9 14:34:00 HostName nrpe[29597]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:00 HostName nrpe[29597]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:00 HostName nrpe[29597]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:34:01 HostName nrpe[29601]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 1xxxx
Jan 9 14:34:01 HostName nrpe[29601]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:01 HostName nrpe[29601]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:01 HostName nrpe[29601]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:34:01 HostName nrpe[29603]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 1xxxx
Jan 9 14:34:01 HostName nrpe[29603]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:01 HostName nrpe[29603]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:01 HostName nrpe[29603]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:34:26 HostName nrpe[29618]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 6xxxx
Jan 9 14:34:26 HostName nrpe[29618]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:26 HostName nrpe[29618]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:34:26 HostName nrpe[29618]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:34:26 HostName nrpe[29618]: Error: (!log_opts) Could not complete SSL handshake with 10.x.x.x: 5
Jan 9 14:38:29 HostName nrpe[29721]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 4xxxx
Jan 9 14:38:29 HostName nrpe[29721]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:29 HostName nrpe[29721]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:29 HostName nrpe[29721]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:38:29 HostName nrpe[29721]: Error: (!log_opts) Could not complete SSL handshake with 10.x.x.x: 5
Jan 9 14:38:55 HostName nrpe[29727]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port xxxx
Jan 9 14:38:55 HostName nrpe[29727]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:55 HostName nrpe[29727]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:55 HostName nrpe[29727]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:38:58 HostName nrpe[29731]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 2xxxx
Jan 9 14:38:58 HostName nrpe[29731]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:58 HostName nrpe[29731]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:58 HostName nrpe[29731]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:38:58 HostName nrpe[29735]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 3xxxx
Jan 9 14:38:58 HostName nrpe[29735]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:58 HostName nrpe[29735]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:58 HostName nrpe[29735]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:38:58 HostName nrpe[29735]: Error: (!log_opts) Could not complete SSL handshake with 10.x.x.x: 5
Jan 9 14:38:58 HostName nrpe[29737]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 4xxxx
Jan 9 14:38:58 HostName nrpe[29737]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:58 HostName nrpe[29737]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:38:58 HostName nrpe[29737]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:39:00 HostName nrpe[29739]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 5xxxx
Jan 9 14:39:00 HostName nrpe[29739]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:39:00 HostName nrpe[29739]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
Jan 9 14:39:00 HostName nrpe[29739]: is_an_allowed_host (AF_INET): host is in allowed host list!
Jan 9 14:39:04 HostName nrpe[29756]: CONN_CHECK_PEER: checking if host is allowed: 10.x.x.x port 3xxxx
Jan 9 14:39:04 HostName nrpe[29756]: is_an_allowed_host (AF_INET): is host >10.x.x.x< an allowed host >10.x.x.x<
@chimborah I don't see any non-nrpe entries in the messages log file. Maybe you just didn't have any system log entries there recently? Can you show us the service checks definitions for the host AF_INET? Also, are you running nrpe under xinetd by any chance? If so take a look at the Xinetd Per Source Limit part of this article: https://support.nagios.com/kb/article/n ... e-615.html
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.