NCPA & NRDP on Nagios Core Help please

[Slodge123]

I have setup NRDP on our Nagios core server which is built on Ubuntu. I can access the NRDP test page across the internet and using the token I setup I can enable and disable notifications for our hosts. This leads me to believe NRDP is working to some degree.

We now need to monitor a server which is behind a firewall that we don't control, nothing major just disk space and uptime etc. I have installed the Windows NCPA agent on the remote server and can login to the local webpage and see the agent monitoring stuff. I have configured the agent with the details of my Nagios server in the NRDP section of the agent.

Nothing for the NCPA agent ever shows in Nagios, I've searched but cant find the missing link?

Any help greatly appreciated.

[kyang]

Hey @Slodge123!

I have configured the agent with the details of my Nagios server in the NRDP section of the agent.

Can show you me this example?

What do you have defined on your Nagios Core server for an NCPA host/service check? (specifically the ncpa.cfg file that points back to the server you want to monitor?)

[Slodge123]

There are only three settings and from the server I can connect over http to the test page and it works.

NRDP URL - hhtp://nagios server ip address/nrdp
NRDP Token - MyToken
Hostname - TheNameTheServerToBeMonitored

Didn't realise I needed to configure the host check on the Nagios server for passive checks, thought these were configured on the agent? Where do put the host checks?

Thanks for your help

[kyang]

Okay, Yes. the passive checks stay on the agent.

Sorry for any confusion, what I meant was are you monitoring the server using passive checks or with active checks?

If it's behind a firewall, are you able to get any connection to the server you want to monitor?

[Slodge123]

The agent was setup for passive checks as we have no access to the firewall to forward ports.

That is why we need passive checks here as normally we do active checks via port forwards and NSClient++

The server we need to monitor has full internet access and can access the NRDP test page on our Nagios Core Server.

I can see the graphs in the NCPA Agent monitoring stuff just need to know how to get it to send the details to our Nagios Core server for display on our dashboard.

Not sure if the agent isn't sending or the core server isn't receiving.

[npolovenko]

@Slodge123, Can you upload:

Code: Select all

/usr/local/nagios/var/nagios.log 

file from your Nagios Core server? We need to see if Nagios is allready receiving NRDP check results.

And you do need to create passive Host and Service definitions on your Nagios Core as well. Please refer to this documentation:
https://support.nagios.com/kb/article/n ... tions.html

[Slodge123]

Right that's great.

I cannot see anything when I search the log file for either NRDP or NCSA so presumably the checks aren't getting there, what should I be looking for?

Also I have not defined any of the definitions described in the document linked. This document does not however let me know which files to add the definitions too.

I inherited this Nagios server when a colleague resigned and am very new to Nagios Core / Ubuntu / Linux.

For the active checks we have that are working I add details of the server in windows.cfg

Thanks again for your help

[npolovenko]

@Slodge123, Please take a look at this article: https://assets.nagios.com/downloads/ncp ... Checks.pdf

Basically, in your /usr/local/nagios/var/nagios.log file you should see something like:

Code: Select all

[1508380204] Error: Got host checkresult for 'S1601', but no such host can be found
[1508380204] Error: Got check result for service 'CPU Usage' on host 'S1601'. Unable to find service
[1508380204] Error: Got check result for service 'Disk Usage' on host 'S1601'. Unable to find service
[1508380204] Error: Got check result for service 'Swap Usage' on host 'S1601'. Unable to find service
[1508380204] Error: Got check result for service 'Memory Usage' on host 'S1601'. Unable to find service
[1508380204] Error: Got check result for service 'Process Count' on host 'S1601'. Unable to find service
[1508380204] Error: Got check result for service 'Disk Usage E' on host 'S1601'. Unable to find service

That's the goal that we need to achieve at first.

On windows machine, can find and you upload:
1. ncpa.cfg file from C:/ProgramFiles(x86)/Nagios/NCPA/etc
2 nrdp.cfg file from C:/ProgramFiles(x86)/Nagios/NCPA/etc/nrdp.cfg
Also, please open windows services and check if you see NCPA Passive -ncpapassive service running. It should say started.

[Slodge123]

When I have setup the NCPA on the remote server I get no messages in the log file as per your post. However when I access the NRDP test page and send a test that does show in the log.

Does this point to the agent not sending the results? Yes the service is started.

cfg files are as below

nrdp.cfg reads
[passive checks]
# Host check - This is to stop "pending check" status in Nagios
%HOSTNAME%|__HOST__ = /system/agent_version
# Service checks
%HOSTNAME%|CPU Usage = /cpu/percent --warning 80 --critical 90 --aggregate avg
%HOSTNAME%|Disk Usage = /disk/logical/C:|/used_percent --warning 80 --critical 90
%HOSTNAME%|Swap Usage = /memory/swap --warning 60 --critical 80
%HOSTNAME%|Memory Usage = /memory/virtual --warning 80 --critical 90
%HOSTNAME%|Process Count = /processes --warning 300 --critical 400

ncsa.cfg reads
[general]
#
# Check logging is on by default, you can disable it if you do not want to record
# the check requests that are coming in or checks being sent over NRDP.
# Default: check_logging = 1
#
check_logging = 1
#
# Check logging time - how long in DAYS you'd like to keep checks in the database.
# Default: 30
#
check_logging_time = 30
#
# -------------------------------
# Listener Configuration (daemon)
# -------------------------------
#
[listener]
#
# User and group to run plugins as (recommended to use nagios:nagios)
# Default: uid = nagios
# Default: gid = nagios
#
# ** Note - The daemon runs as root, but forks a child process when running a plugin
# that is defined by the user, for security reasons. However, without the main daemon
# running as root, much of the system information would be missing. This is typical behavior. **
#
# This is for Unix only (Linux, Mac OS X, etc)
#
uid = nagios
gid = nagios
#
# IP address and port number for the Listener to use for the web GUI and API
# Default: ip = 0.0.0.0
# Default: port = 5693
#
ip =0.0.0.0
port =5693
#
# SSL connection and certificate config (if an SSL option is not available on some older
# operating systems it will default back to TLSv1)
# ssl_version options: TLSv1, TLSv1_1, TLSv1_2
#
ssl_version =TLSv1_2
certificate = adhoc
#
# Listener logging file level, location, and the PID location
# Default: loglevel = info (debug, info, warning, error)
# Default: logfile = var/log/ncpa_listener.log
# Default: pidfile = var/run/ncpa_listener.pid (leave listener in pid file name)
#
loglevel =warning
logfile = var/log/ncpa_listener.log
pidfile = var/run/ncpa_listener.pid
#
# Delay the listener (API & web GUI) from starting in seconds
# Default: 0
#
# delay_start = 30
#
# Allow admin functionality in the web GUI. When this is set to 0, the admin section will not
# be displayed in the header and will not be available to be accessed.
# Default: 1
#
admin_gui_access = 1
#
# Admin password for the admin section in the web GUI, by default there is no admin
# password and the admin section of the GUI can be accessed by anyone if admin_gui_access is set to 1.
# Default: None
#
# Note: Setting this value to 'None' will automatically log you in, setting it empty will allow you to
# log in using a blank password.
#
admin_password = None
#
# Require admin password to access ALL of the web GUI.
# This does not affect API access via token (community_string).
# Default: 0
#
admin_auth_only = 0
#
# -------------------------------
# Listener Configuration (API)
# -------------------------------
#
[api]
#
# The token that will be used to log into the basic web GUI (API browser, graphs, top charts, etc)
# and to authenticate requests to the API and requests through check_ncpa.py
#
community_string =vHGYgtjGygjkGKJp
#
# -------------------------------
# Passive Configuration (daemon)
# -------------------------------
#
[passive]
#
# Handlers are a comma separated list of what you would like the passive agent to run
# Default: None
# Options:
# nrds, nrdp
#
# Example:
# handlers = nrds,nrdp
#
handlers =nrdp
#
# User and group to run passive checks as (Recommended to use nagios:nagios)
# Default: uid = nagios
# Default: gid = nagios
#
uid = nagios
gid = nagios
#
# Passive check interval - the amount in seconds to wait between each passive check by default,
# this can be overwritten by adding on a "|<duration>" in seconds to the passive check config
# Default: 300 (5 minutes)
#
sleep =300
#
# Passive logging file level, location, and the PID location
# Default: loglevel = info (debug, info, warning, error)
# Default: logfile = var/log/ncpa_passive.log
# Default: pidfile = var/run/ncpa_passive.pid (leave passive in pid file name)
#
loglevel =warning
logfile = var/log/ncpa_passive.log
pidfile = var/run/ncpa_passive.pid
#
# Delay passive checks from starting in seconds
# Default: 0
#
# delay_start = 30
#
# -------------------------------
# Passive Configuration (NRDP)
# -------------------------------
#
[nrdp]
#
# Connection settings to the NRDP server
# parent = NRDP server location (ex: http://<address>/nrdp)
# token = NRDP server token used to send NRDP results
#
parent =http://myserveripaddress/nrdp/
token =MySecureToken
# The hostname that will replace %HOSTNAME% in the check definitions and will be
# sent to NRDP with the check name as the service description (service name)
#
hostname =Enter123
#
# -------------------------------
# Passive Configuration (NRDS)
# -------------------------------
#
[nrds]
#
# NRDS CONFIGURATION DOES NOT WORK YET. MORE TO COME IN VERSION 2.1.0.
#
#
# NRDS connection information
#
url =
token =
config_name =
config_version =
update_config = 1
update_plugins = 1
#
# -------------------------------
# Plugin Configuration
# -------------------------------
#
[plugin directives]
#
# Plugin path where all plugins will be ran from.
#
plugin_path = plugins/
#
# Plugin execution timeout in seconds. Different than the check_ncpa.py timeout, which is
# normally for network connection issues. Will return a CRITICAL value and error when the plugin
# reaches the defined max execution timeout and kills the process.
# Default: 60
#
# plugin_timeout = 60
#
# Extensions for plugins
# ----------------------
# The extension for the plugin denotes how NCPA will try to run the plugin. Use this
# for setting how you want to run the plugin in the command line.
#
# NOTE: Plugins without an extension will be ran in the cmdline as follows:
# $plugin_name $plugin_args
#
# Defaults:
# .sh = /bin/sh $plugin_name $plugin_args
# .py = python $plugin_name $plugin_args
# .ps1 = powershell -ExecutionPolicy Bypass -File $plugin_name $plugin_args
# .vbs = cscript $plugin_name $plugin_args //NoLogo
# .bat = cmd /c $plugin_name $plugin_args
#
# Since windows NCPA is 32-bit, if you need to use 64-bit powershell, try the following for
# the powershell plugin definition:
# .ps1 = c:\windows\sysnative\windowspowershell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -File $plugin_name $plugin_args
#
# Linux / Mac OS X
.sh = /bin/sh $plugin_name $plugin_args
.py = python $plugin_name $plugin_args
# Windows
.ps1 = powershell -ExecutionPolicy Bypass -File $plugin_name $plugin_args
.vbs = cscript $plugin_name $plugin_args //NoLogo
.wsf = cscript $plugin_name $plugin_args //NoLogo
.bat = cmd /c $plugin_name $plugin_args

[npolovenko]

@Slodge123,
Yes, it means that the windows agent is not sending the results or they're not reaching linux server because of the firewall issues. I took a look at your settings and everything seems correct. Double check that your token is working if you use it in nrdp web interface and the parent corresponds to that web interface.

Code: Select all

parent =http://myserveripaddress/nrdp/
token =MySecureToken

In ncpa.cfg decrease this parameter for troubleshooting purposes and set it to 50:

Code: Select all

# Passive check interval - the amount in seconds to wait between each passive check by default,
# this can be overwritten by adding on a "|<duration>" in seconds to the passive check config
# Default: 300 (5 minutes)
#
sleep =300
#

After that go to services on your windows machine and restart NCPA passive service.

On Nagios make sure that Setenforce is turned off.

Code: Select all

sudo dpkg -l selinux*

Check the log again in 5 minutes

Code: Select all

/usr/local/nagios/var/nagios.log