Page 1 of 1

check_tacacs_plus.pl not working

Posted: Wed Dec 13, 2017 3:06 am
by majed
Peace,
according to
https://exchange.nagios.org/directory/P ... us/details
a user says he had to modify the script to include use lib "$perl_library"

perhaps you know how to do that?

Code: Select all

 /usr/lib64/nagios/plugins $ ./check_tacacs_plus.pl -H tacacs_server_ip -k kawabanga -u tacacsuser -p hid
read error
/usr/lib64/nagios/plugins $ ./check_tacacs_plus.pl -H ciscorouter -k hiddenkey  -u me -p hid
CRITICAL: connection failed

Re: check_tacacs_plus.pl not working

Posted: Wed Dec 13, 2017 1:39 pm
by npolovenko
Hello, @majed.

Well, I think you just need to install this module:

Code: Select all

cpan Authen::TacacsPlus
If you can run ./check_tacacs_plus.pl without any perl errors, that should be enough. If you were running this plugin on some rare Linux build and it couldn't find Perl modules, then you'd need to manually import the path the library.
Now, as far as the connection error you're getting. We're not the developers of this plugin but based on the source code you can a)increase the timeout b)run it with a verbose flag. You can try something like this:

Code: Select all

./check_tacacs_plus.pl -H tacacs_server_ip -k kawabanga -u tacacsuser -p hid -t 60 -v

Re: check_tacacs_plus.pl not working

Posted: Thu Dec 14, 2017 7:19 am
by majed
Thanks for replying, timeout is not the problem, the result appears instantly, and -v produces nothing more.

Code: Select all

https://forums.gentoo.org/viewtopic-p-8155724.html#8155724
says that gentoo automagically detects the perl libraries.

Re: check_tacacs_plus.pl not working

Posted: Thu Dec 14, 2017 5:48 pm
by npolovenko
@majed, My thought right now is that this plugin was built to use an outdated version of /usr/local/lib64/perl5/Authen/TacacsPlus.pm. Perhaps something has changed in modern perl syntax and it has trouble reading that module.

You may also take a look at this tacacs connection troubleshooting guide:
https://www.cisco.com/c/en/us/support/d ... Issue.html

Also, if you tell us what kind of checks you want to run, we might recommend some other plugin. What version of Gentoo are you running?

Re: check_tacacs_plus.pl not working

Posted: Fri Dec 15, 2017 2:39 am
by majed
thank you for the new information, i added the nagios ip to the tacacs server and the plugin immediately worked.
In nagios, it nagged about utils.pm not present, duckducked the error and it turns out the lib path must point to the utils.pm folder which must be in the plugin directory.
so i had to edit the script as follows:

Code: Select all

#use lib "/usr/local/nagios/libexec";
use lib "/usr/lib64/nagios/plugins";
of course other linuxes will have either the correct path or another variance.
You know what I want to check

Re: check_tacacs_plus.pl not working

Posted: Fri Dec 15, 2017 9:41 am
by dwhitfield
majed wrote:i added the nagios ip to the tacacs server and the plugin immediately worked.
Are you saying the issue is resolved?

As for the question about what you want to check, actually, we don't know what info you want. We know you want some sort of information from a tacas server. What information? Just whether the tacas is running or not or some sort of metric?

Re: check_tacacs_plus.pl not working

Posted: Mon Dec 18, 2017 3:45 am
by majed
Well, i'd welcome any kind of checks for tacacs but i didn't find other than the mentioned.

Re: check_tacacs_plus.pl not working

Posted: Mon Dec 18, 2017 2:04 pm
by dwhitfield
majed wrote:i added the nagios ip to the tacacs server and the plugin immediately worked.
I just want to be clear that the issue is resolved before we close.

If this particular plugin does not provide the information you need, I would suggest adding a request at https://github.com/nagios-plugins/nagio ... issues/new