Page 3 of 6

Re: Forwarding status and events from one server to another

Posted: Thu Feb 08, 2018 5:18 pm
by rjconroy
yes I'm a little tunnel visioned myself and didn't catch that typo... here is the updated output from both:

parent:
parentserver:/usr/local/nrdp/clients# su - nagios
You have new mail in /var/mail/root
parentserver:/usr/local/nrdp/clients# umask
0022
parentserver:/usr/local/nrdp/clients# exit
exit


child:
childsensor:/usr/local/nrdp/clients# su - nagios
childsensor:/usr/local/nrdp/clients# umask
0022
childsensor:/usr/local/nrdp/clients# exit

Re: Forwarding status and events from one server to another

Posted: Thu Feb 08, 2018 5:19 pm
by dwhitfield
By default, on many OSes, the access.conf is completely commented out. Do you have anything related to apache in there? Anything about apache in the sudoers?

Re: Forwarding status and events from one server to another

Posted: Thu Feb 08, 2018 5:28 pm
by rjconroy
yes, access.conf appeared to be completely commented out
sudoers didn't have "apache" per se, however, the web services are run thru another account and it was there.
There were no entries relevant to any of the Nagios folders though.

Re: Forwarding status and events from one server to another

Posted: Fri Feb 09, 2018 2:54 pm
by tgriep
Can you run your send_nrdp.php test from your previous post, please show the output of the command.

If nothing shows up in the nagios.log file, check the Apache log files for any errors when the test was ran.

Re: Forwarding status and events from one server to another

Posted: Mon Feb 12, 2018 11:43 am
by rjconroy
The command has no output, when run from the client server it simply returns me to the command prompt and I observe the packets using tcpdump on server side.

Re: Forwarding status and events from one server to another

Posted: Mon Feb 12, 2018 11:49 am
by rjconroy
added, I see a bunch of files in the checkresults folder, but they appear to all be blank. Unsure if related just seemed out of place that files were created but nothing was written to them

Re: Forwarding status and events from one server to another

Posted: Mon Feb 12, 2018 2:02 pm
by rjconroy
update...
found following error in apache error.log:
[Mon Feb 12 10:23:27.567137 2018] [:error] [pid 6889] [client 192.168.1.102:57903] PHP Warning: Invalid argument supplied for foreach() in /usr/local/nrdp/server/plugins/nagioscorepassivecheck/nagioscorepassivecheck.inc.php on line 161, referer: https://192.168.1.81/nrdp/

Here is that line and the section in the file listed
else if ($method == "json") {
foreach ($json["checkresults"] as $cr) {

// Get check result type
$type = "host";
foreach ($cr["checkresult"] as $var => $val) { This is line 161
if ($var == "type") {
$type = strval($val);
}
}


I also observed this in main apache.log:
a.v.c.d - - [12/Feb/2018:11:00:09 -0800] "POST /nrdp/ HTTP/1.1" 200 509 "https://w.x.y.z/nrdp/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
...but this wouldn't seem to indicate an issue if I'm reading it right.

Re: Forwarding status and events from one server to another

Posted: Mon Feb 12, 2018 3:09 pm
by rjconroy
one more thing I found that I didn't observe previously or overlooked...
when I run the json test it shows result OK, however, in the Nagios.log there is a notification similar to this:
[1518465861] Warning: Check result queue contained results for host '', but the host could not be found! Perhaps you forgot to define the host in your config files?
This is appearing even though the host is defined and does appear in the GUI.

For example here is the conf for one of them:
define host{
host_name somehost
alias somehost
address 10.10.10.1
use generic-host
}
It would appear that the issue is that somehow its not associating the input with the correct host.

Re: Forwarding status and events from one server to another

Posted: Mon Feb 12, 2018 3:39 pm
by rjconroy
added note again:
If I run the nrdp xml check the status updates, the json does not.

Re: Forwarding status and events from one server to another

Posted: Mon Feb 12, 2018 5:28 pm
by tgriep
The send_nrpd.php script should be sending the data in XML format.
Can you disable SSL on the Nagios server so we can run tcpdump in Ascii mode so we can see what is being sent to the Nagios Server?

Run this as root on the Nagios server

Code: Select all

tcpdump -i any port 80 -A -vv
Run the send_nrpd.php command again and post the output of the tcpdump so we can see what is being received.

I haven't dome much testing but it does look like the JSON interface is not working.