check_tacacs_plus.pl not working

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
majed
Posts: 98
Joined: Mon Mar 17, 2014 5:29 am

check_tacacs_plus.pl not working

Post by majed »

Peace,
according to
https://exchange.nagios.org/directory/P ... us/details
a user says he had to modify the script to include use lib "$perl_library"

perhaps you know how to do that?

Code: Select all

 /usr/lib64/nagios/plugins $ ./check_tacacs_plus.pl -H tacacs_server_ip -k kawabanga -u tacacsuser -p hid
read error
/usr/lib64/nagios/plugins $ ./check_tacacs_plus.pl -H ciscorouter -k hiddenkey  -u me -p hid
CRITICAL: connection failed
Seek and you shall find, knock and it shall be opened, cry and you shall find comfort
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: check_tacacs_plus.pl not working

Post by npolovenko »

Hello, @majed.

Well, I think you just need to install this module:

Code: Select all

cpan Authen::TacacsPlus
If you can run ./check_tacacs_plus.pl without any perl errors, that should be enough. If you were running this plugin on some rare Linux build and it couldn't find Perl modules, then you'd need to manually import the path the library.
Now, as far as the connection error you're getting. We're not the developers of this plugin but based on the source code you can a)increase the timeout b)run it with a verbose flag. You can try something like this:

Code: Select all

./check_tacacs_plus.pl -H tacacs_server_ip -k kawabanga -u tacacsuser -p hid -t 60 -v
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
majed
Posts: 98
Joined: Mon Mar 17, 2014 5:29 am

Re: check_tacacs_plus.pl not working

Post by majed »

Thanks for replying, timeout is not the problem, the result appears instantly, and -v produces nothing more.

Code: Select all

https://forums.gentoo.org/viewtopic-p-8155724.html#8155724
says that gentoo automagically detects the perl libraries.
Seek and you shall find, knock and it shall be opened, cry and you shall find comfort
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: check_tacacs_plus.pl not working

Post by npolovenko »

@majed, My thought right now is that this plugin was built to use an outdated version of /usr/local/lib64/perl5/Authen/TacacsPlus.pm. Perhaps something has changed in modern perl syntax and it has trouble reading that module.

You may also take a look at this tacacs connection troubleshooting guide:
https://www.cisco.com/c/en/us/support/d ... Issue.html

Also, if you tell us what kind of checks you want to run, we might recommend some other plugin. What version of Gentoo are you running?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
majed
Posts: 98
Joined: Mon Mar 17, 2014 5:29 am

Re: check_tacacs_plus.pl not working

Post by majed »

thank you for the new information, i added the nagios ip to the tacacs server and the plugin immediately worked.
In nagios, it nagged about utils.pm not present, duckducked the error and it turns out the lib path must point to the utils.pm folder which must be in the plugin directory.
so i had to edit the script as follows:

Code: Select all

#use lib "/usr/local/nagios/libexec";
use lib "/usr/lib64/nagios/plugins";
of course other linuxes will have either the correct path or another variance.
You know what I want to check
Seek and you shall find, knock and it shall be opened, cry and you shall find comfort
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: check_tacacs_plus.pl not working

Post by dwhitfield »

majed wrote:i added the nagios ip to the tacacs server and the plugin immediately worked.
Are you saying the issue is resolved?

As for the question about what you want to check, actually, we don't know what info you want. We know you want some sort of information from a tacas server. What information? Just whether the tacas is running or not or some sort of metric?
majed
Posts: 98
Joined: Mon Mar 17, 2014 5:29 am

Re: check_tacacs_plus.pl not working

Post by majed »

Well, i'd welcome any kind of checks for tacacs but i didn't find other than the mentioned.
Seek and you shall find, knock and it shall be opened, cry and you shall find comfort
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: check_tacacs_plus.pl not working

Post by dwhitfield »

majed wrote:i added the nagios ip to the tacacs server and the plugin immediately worked.
I just want to be clear that the issue is resolved before we close.

If this particular plugin does not provide the information you need, I would suggest adding a request at https://github.com/nagios-plugins/nagio ... issues/new
Locked