NRPE problem
-
- Posts: 14
- Joined: Tue May 19, 2015 6:10 am
NRPE problem
I encounted a problem about the nrpe. The detail is as follows:
$ ./check_nrpe -H 127.0.0.1
CHECK_NRPE: Socket timeout after 10 seconds.
$ ./check_nrpe -H 127.0.0.1 -t 20
CHECK_NRPE: Error - Could not complete SSL handshake.
It is OK after adding the parameter "-n".
$ ./check_nrpe -n -H 127.0.0.1
NRPE v2.15
The OS of remote host installed nrpe is solaris.
$ uname -a
SunOS sun1 5.11 11.1 sun4v sparc sun4v
I checked the OS log file "/var/adm/messages". It showes:
Aug 3 09:18:35 sun1 nrpe[24574]: [ID 421412 daemon.error] Could not read request from client, bailing out...
Hope offer me your help. Thanks!
$ ./check_nrpe -H 127.0.0.1
CHECK_NRPE: Socket timeout after 10 seconds.
$ ./check_nrpe -H 127.0.0.1 -t 20
CHECK_NRPE: Error - Could not complete SSL handshake.
It is OK after adding the parameter "-n".
$ ./check_nrpe -n -H 127.0.0.1
NRPE v2.15
The OS of remote host installed nrpe is solaris.
$ uname -a
SunOS sun1 5.11 11.1 sun4v sparc sun4v
I checked the OS log file "/var/adm/messages". It showes:
Aug 3 09:18:35 sun1 nrpe[24574]: [ID 421412 daemon.error] Could not read request from client, bailing out...
Hope offer me your help. Thanks!
- Box293
- Too Basu
- Posts: 5126
- Joined: Sun Feb 07, 2010 10:55 pm
- Location: Deniliquin, Australia
- Contact:
Re: NRPE problem
The -n is required because when it was compiled on the Solaris box the ssl libraries were not found.
This guide shows you a full install and it looks like it includes the ssl stuff:
https://lucamerello.wordpress.com/2014/ ... -and-nrpe/
This guide shows you a full install and it looks like it includes the ssl stuff:
https://lucamerello.wordpress.com/2014/ ... -and-nrpe/
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
-
- Posts: 14
- Joined: Tue May 19, 2015 6:10 am
Re: NRPE problem
Hi, Box293:
Thanks!
The problem is still occur after installing the nrpe according to the guide that you give me.
The attachments are the log of my installation.
No error info after checking the logs.
Please offer me your help! Thank U!
Thanks!
The problem is still occur after installing the nrpe according to the guide that you give me.
The attachments are the log of my installation.
No error info after checking the logs.
Please offer me your help! Thank U!
- Attachments
-
- install_nrpe_on_solaris0807.txt
- the log of installing nrpe on solaris
- (9.98 KiB) Downloaded 196 times
-
- install_plugins_on_solaris0807.txt
- the log of installing plugins on solaris
- (169.46 KiB) Downloaded 188 times
- Box293
- Too Basu
- Posts: 5126
- Joined: Sun Feb 07, 2010 10:55 pm
- Location: Deniliquin, Australia
- Contact:
Re: NRPE problem
I did find there were some work arounds in this document:
https://assets.nagios.com/downloads/nag ... _Agent.pdf
Can you please post your /etc/nagios/nrpe.cfg file.
https://assets.nagios.com/downloads/nag ... _Agent.pdf
Can you please post your /etc/nagios/nrpe.cfg file.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
-
- Posts: 14
- Joined: Tue May 19, 2015 6:10 am
Re: NRPE problem
Hi, Box293
I have uploaded the file.
I have uploaded the file.
- Attachments
-
- nrpe.cfg
- (8.11 KiB) Downloaded 285 times
Re: NRPE problem
Can you run the following and post back so we can check to see if SSL was compiled in?
Code: Select all
/export/home/nagios/nagios/nrpe -V
/export/home/nagios/nagios/libexec/check_nrpe -V
Be sure to check out our Knowledgebase for helpful articles and solutions!
-
- Posts: 14
- Joined: Tue May 19, 2015 6:10 am
Re: NRPE problem
Please check it.
Thank U.
Thank U.
Code: Select all
nagios@sun2:~/nagios/bin$ /export/home/nagios/nagios/bin/nrpe -V
NRPE - Nagios Remote Plugin Executor
Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
Version: 2.15
Last Modified: 09-06-2013
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
***************************************************************
** POSSIBLE SECURITY RISK - TCP WRAPPERS ARE NOT AVAILABLE! **
** Read the NRPE SECURITY file for more information **
***************************************************************
Usage: nrpe [-n] -c <config_file> [-4|-6] <mode>
Options:
-n = Do not use SSL
<config_file> = Name of config file to use
-4 = use ipv4 only
-6 = use ipv6 only
<mode> = One of the following operating modes:
-i = Run as a service under inetd or xinetd
-d = Run as a standalone daemon
-d -s = Run as a subsystem under AIX
Notes:
This program is designed to process requests from the check_nrpe
plugin on the host(s) running Nagios. It can run as a service
under inetd or xinetd (read the docs for info on this), or as a
standalone daemon. Once a request is received from an authorized
host, NRPE will execute the command/plugin (as defined in the
config file) and return the plugin output and return code to the
check_nrpe plugin.
Code: Select all
nagios@sun2:~/nagios/libexec$ /export/home/nagios/nagios/libexec/check_nrpe -V
/export/home/nagios/nagios/libexec/check_nrpe: illegal option -- V
NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
Version: 2.15
Last Modified: 09-06-2013
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
Usage: check_nrpe -H <host> [ -b <bindaddr> ] [-4] [-6] [-n] [-u] [-p <port>] [-t <timeout>] [-c <command>] [-a <arglist...>]
Options:
-n = Do no use SSL
-u = Make socket timeouts return an UNKNOWN state instead of CRITICAL
<host> = The address of the host running the NRPE daemon
<bindaddr> = bind to local address
-4 = user ipv4 only
-6 = user ipv6 only
[port] = The port on which the daemon is running (default=5666)
[timeout] = Number of seconds before connection times out (default=10)
[command] = The name of the command that the remote daemon should run
[arglist] = Optional arguments that should be passed to the command. Multiple
arguments should be separated by a space. If provided, this must be
the last option supplied on the command line.
Note:
This plugin requires that you have the NRPE daemon running on the remote host.
You must also have configured the daemon to associate a specific plugin command
with the [command] option you are specifying here. Upon receipt of the
[command] argument, the NRPE daemon will run the appropriate plugin command and
send the plugin output and return code back to *this* plugin. This allows you
to execute plugins on remote hosts and 'fake' the results to make Nagios think
the plugin is being run locally.
Re: NRPE problem
Can you restart nrpe, run the following commands on the client (remote machine), and show us the output?
Code: Select all
netstat -at | grep nrpe
ps -ef| grep [n]rpe
./check_nrpe -H 127.0.0.1
Be sure to check out our Knowledgebase for helpful articles and solutions!
-
- Posts: 14
- Joined: Tue May 19, 2015 6:10 am
Re: NRPE problem
Pls check it. Additional, the commcand "netstat -at | grep nrpe" can not execute.
nagios@sun2:~/nagios$ ps -ef|grep nrpe
nagios 15718 1 0 09:05:44 ? 0:00 bin/nrpe -n -c etc/nrpe.cfg -d
nagios 15735 15706 0 09:07:14 pts/1 0:00 grep nrpe
nagios@sun2:~/nagios$
nagios@sun2:~/nagios/libexec$ ./check_nrpe -H 127.0.0.1
CHECK_NRPE: Socket timeout after 10 seconds.
nagios@sun2:~/nagios/libexec$ netstat -na|grep 5666
127.0.0.1.61532 127.0.0.1.5666 130880 0 139264 0 TIME_WAIT
*.5666 *.* 0 0 128000 0 LISTEN
*.5666 *.* 0 0 128000 0 LISTEN
nagios@sun2:~/nagios/libexec$
nagios@sun2:~/nagios$ netstat -at | grep nrpe
netstat: illegal option -- t
usage: netstat [-anv] [-f address_family] [-T d|u]
netstat [-n] [-f address_family] [-P protocol] [-T d|u] [-g | -p | -s [interval [count]]]
netstat -m [-v] [-T d|u] [interval [count]]
netstat -i [-I interface] [-an] [-f address_family] [-T d|u] [interval [count]]
netstat -r [-anv] [-f address_family|filter] [-T d|u]
netstat -M [-ns] [-f address_family] [-T d|u]
netstat -D [-I interface] [-f address_family] [-T d|u]
nagios@sun2:~/nagios$ ps -ef|grep nrpe
nagios 15718 1 0 09:05:44 ? 0:00 bin/nrpe -n -c etc/nrpe.cfg -d
nagios 15735 15706 0 09:07:14 pts/1 0:00 grep nrpe
nagios@sun2:~/nagios$
nagios@sun2:~/nagios/libexec$ ./check_nrpe -H 127.0.0.1
CHECK_NRPE: Socket timeout after 10 seconds.
nagios@sun2:~/nagios/libexec$ netstat -na|grep 5666
127.0.0.1.61532 127.0.0.1.5666 130880 0 139264 0 TIME_WAIT
*.5666 *.* 0 0 128000 0 LISTEN
*.5666 *.* 0 0 128000 0 LISTEN
nagios@sun2:~/nagios/libexec$
nagios@sun2:~/nagios$ netstat -at | grep nrpe
netstat: illegal option -- t
usage: netstat [-anv] [-f address_family] [-T d|u]
netstat [-n] [-f address_family] [-P protocol] [-T d|u] [-g | -p | -s [interval [count]]]
netstat -m [-v] [-T d|u] [interval [count]]
netstat -i [-I interface] [-an] [-f address_family] [-T d|u] [interval [count]]
netstat -r [-anv] [-f address_family|filter] [-T d|u]
netstat -M [-ns] [-f address_family] [-T d|u]
netstat -D [-I interface] [-f address_family] [-T d|u]
Re: NRPE problem
The nrpe process is still running without ssl ("-n" flag)... Kill the process and start it with ssl:nagios@sun2:~/nagios$ ps -ef|grep nrpe
nagios 15718 1 0 09:05:44 ? 0:00 bin/nrpe -n -c etc/nrpe.cfg -d
Code: Select all
kill -9 15718
/bin/nrpe -c /etc/nrpe.cfg -d
Code: Select all
./check_nrpe -H 127.0.0.1
Be sure to check out our Knowledgebase for helpful articles and solutions!