The "check_users" command that is defined on my remote box:
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -r -w .15,.10,.05 -c .30,.25,.20
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/sda1
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
# command[check_mysql]=/usr/local/nagios/libex/check_mysql -w 20% -c 10%
# The following examples allow user-supplied arguments and can
# only be used if the NRPE daemon was compiled with support for
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'. This poses a potential security risk, so
# make sure you read the SECURITY file before doing this.
### MISC SYSTEM METRICS ###
#command[check_users]=/usr/local/nagios/libexec/check_users $ARG1$
#command[check_load]=/usr/local/nagios/libexec/check_load $ARG1$
#command[check_disk]=/usr/local/nagios/libexec/check_disk $ARG1$
#command[check_swap]=/usr/local/nagios/libexec/check_swap $ARG1$
#command[check_cpu_stats]=/usr/local/nagios/libexec/check_cpu_stats.sh $ARG1$
#command[check_mem]=/usr/local/nagios/libexec/custom_check_mem -n $ARG1$
The "Users" service definition on the nagios server
define service{
use generic-service
host_name io
service_description Current Users
check_command check_nrpe!check_users
contact_groups linux-admins,linux-admins-text
}
The actual check, run from the command line on the nagios server, along with the output of it:
[root:/usr/local/nagios/etc/servers]$ /usr/local/nagios/libexec/check_nrpe -H 155.42.51.41 -c check_users -a '-w 2 -c 3'
connect to address 155.42.51.41 port 5666: Connection refused
connect to host 155.42.51.41 port 5666: Connection refused
(Nagios-server)[root:/usr/local/nagios/etc/servers]$
/etc/services file on remote server contains the line below
nrpe 5666/tcp # NRPE/Nagiios
Your arguments are "hard-coded" in your command, so you would need to run (from the Nagios server):
/usr/local/nagios/libexec/check_nrpe -H 155.42.51.41 -c check_users
connect to address 155.42.51.41 port 5666: Connection refused
connect to host 155.42.51.41 port 5666: Connection refused
Can you run the commands below on the nagios server successfully?
/usr/local/nagios/libexec/check_nrpe -H 155.42.51.41
[root:/usr/local/nagios/etc/servers]$ /usr/local/nagios/libexec/check_nrpe -H 155.42.51.41
connect to address 155.42.51.41 port 5666: Connection refused
connect to host 155.42.51.41 port 5666: Connection refused
nmap 155.42.51.41 -p 5666
Starting Nmap 6.40 (
http://nmap.org ) at 2018-04-12 14:22 EDT
Nmap scan report for io.ccv.vsc.edu (155.42.51.41)
Host is up (0.00028s latency).
PORT STATE SERVICE
5666/tcp closed nrpe
MAC Address: 00:0C:29:2E:18:85 (VMware)
Nmap done: 1 IP address (1 host up) scanned in 0.18 seconds
Is NRPE running under xinetd or as a "stand-alone" daemon on the remote machine?
What is the output of the following commands, run on the NRPE box?
ps axuw | grep nrpe
[root:/etc/sysconfig]# ps axuw | grep nrpe
root 28788 0.0 0.0 105372 844 pts/0 S+ 14:26 0:00 grep nrpe
(io)[root:/etc/sysconfig]#
netstat -at | grep nrpe
[root:/etc/sysconfig]# netstat -at | grep nrpe
[root:/etc/sysconfig]#
You need to add your Nagios server's IP address to the "allowed_hosts" line in the nrpe.cfg file (if NRPE is running as a "stand-alone" daemon) or add it to the "only_from" directive in the "/etc/xinetd.d/nrpe" file (if NRPE is running under xinetd) if you haven't done this already.
Then, you will need to restart the nrpe service or xinetd so that changes can take effect.
Ran service xinetd restart (this was successful on the target server)
Do you have a firewall, e.g.iptables or firewalld or selinux enabled on the server and the client machines? Yes, on both the target host and the Nagios server.
Entry on the Nagios server’s iptables file:
# target host
-A RH-Firewall-1-INPUT -s 155.42.51.41 -j ACCEPT
Entry on the Target server iptables file:
#Nagios server
-A INPUT -s 155.42.51.60 -j ACCEPT
Followed by running the command below on both target and nagio server:
Iptables-restore <iptables
Ran on target server
[root:/usr/local/nagios/etc]# netstat -anp | grep 5666
[root:/usr/local/nagios/etc]#
[root:/usr/local/nagios/etc]# ps -ef | grep nrpe
root 29528 25053 0 15:12 pts/0 00:00:00 grep nrpe
[root:/usr/local/nagios/etc]#
I did notice the nrpe service seems to be unknown to the target server. Should I just reinstall nrpe?