How to monitor snort on another host

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
nagios1_1
Posts: 14
Joined: Thu Jan 26, 2017 12:25 pm

How to monitor snort on another host

Post by nagios1_1 »

Hi friends, I wanted to ask you if you could help me hand to monitor snort with nagios.
Nagios and Snort are on two different hosts on the same LAN
dwhitfield
Former Nagios Staff
Posts: 4583
Joined: Wed Sep 21, 2016 10:29 am
Location: NoLo, Minneapolis, MN
Contact:

Re: How to monitor snort on another host

Post by dwhitfield »

https://exchange.nagios.org//directory/ ... rt/details is a bit old, but you should check it out and see if it works for you.
nagios1_1
Posts: 14
Joined: Thu Jan 26, 2017 12:25 pm

Re: How to monitor snort on another host

Post by nagios1_1 »

dwhitfield wrote:https://exchange.nagios.org//directory/ ... rt/details is a bit old, but you should check it out and see if it works for you.
Archive is demaged.
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: How to monitor snort on another host

Post by cdienger »

Greetings, I was able to open the archive without issue with 7zip. The script is very tiny so I've pasted it below as well:

if [ $1 ]; then
status=$1
echo "$status"
exit -1
else
status() {
local base=${1##*/}
local pid

# Test syntax.
if [ "$#" = 0 ] ; then
echo $"Usage: status {program}"
return 1
fi

# First try "pidof"
pid=`pidof -o $$ -o $PPID -o %PPID -x $1 || \
pidof -o $$ -o $PPID -o %PPID -x ${base}`
if [ -n "$pid" ]; then
echo $"OK : ${base} (pid $pid) is running..."
return 0
fi

# Next try "/var/run/*.pid" files
if [ -f /var/run/${base}.pid ] ; then
read pid < /var/run/${base}.pid
if [ -n "$pid" ]; then
echo $"CRITICAL : ${base} dead but pid file exists"
return 1
fi
fi
# See if /var/lock/subsys/${base} exists
if [ -f /var/lock/subsys/${base} ]; then
echo $"CRITICAL : ${base} dead but subsys locked"
return 2
fi
echo $"CRITICAL : snort is stopped"
return 3
}

status snort
fi
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Locked