Good afternoon,
I am trying to monitor an EMC VNX5200 device using the plugin of the following link:
https://exchange.nagios.org/directory/P ... 74/details
Through the interface of Centos 7 I can validate correctly when I execute the commands with the plugin:
check_emc_clariion.pl -H 192.168.5.1 -u readonly -p AStrongPassword -t disk
The array is operating normally
check_emc_clariion.pl -H 192.168.5.1 -u readonly -p AStrongPassword -t faults
80 physical disks are Ok. Hostpares are ready
But in the web interface of nagios it appears with errors as the attachment. Additionally, I have doubts about the definition of the equipment since it has two controllers, each with a different ip (SPA and SPB)
This is content of the file commands.cfg:
define command {
command_name check_emc_clariion
command_line $USER1$/check_emc_clariion.pl -H $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$ $ARG6$ $ARG7$ $ARG8$
}
Grateful for the support,
Regards
Query monitoring EMC VNX
Query monitoring EMC VNX
- Attachments
-
- san.cfg
- (1.54 KiB) Downloaded 290 times
Re: Query monitoring EMC VNX
How strong is "AStrongPassword" ? Does it contain any special characters like |,$,!, etc.. ? Can you test with ASlightlyWeakerPasswordthat doesn't have any special characters?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Query monitoring EMC VNX
Dear cdienger, I have also tried with the credentials by default user and password sysadmin.
Re: Query monitoring EMC VNX
Try switching to the nagios user and then running the ocmmands from the ocmmand line:
su - nagios
Also check the permissions on /opt/Navisphere/bin/navicli to verify that the nagios user is able to execute it.
su - nagios
Also check the permissions on /opt/Navisphere/bin/navicli to verify that the nagios user is able to execute it.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Query monitoring EMC VNX
Executing the commands from the user nagios appears:
[nagios@localhost libexec]$ ./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
Error occurred during HTTP request/response from the target: '192.168.5.1'.
[nagios@localhost libexec]$ ./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
Unable to validate the identity of the server. There are issues with the certificate presented.
Only import this certificate if you have reason to believe it was sent by a trusted source.
Certificate details:
Subject: CN=192.168.5.1,CN=B-IMAGE,OU=CLARiiON
Issuer: CN=192.168.5.1,CN=B-IMAGE,OU=CLARiiON
Serial#: f0512c00
Valid From: 20141231212225Z
Valid To: 20191230212225Z
Would you like to [1]Accept the certificate for this session, [2] Accept and store, [3] Reject the certificate?
Please input your selection(The default selection is [1]):
The array is operating normally.
[nagios@localhost libexec]$
Also, I do not have the navicli folder ..
[root@localhost libexec]# ll /opt/Navisphere/bin/
total 15212
-rwxrwxr-x 1 root root 562895 feb 26 2016 admsnap
-rwxrwxr-x 1 root root 15002779 feb 26 2016 naviseccli
-rwxr-xr-x 1 root root 3945 feb 26 2016 setlevel_cli.sh
-rw-r--r-- 1 root root 7 oct 17 15:21 setlevel.log
[nagios@localhost libexec]$ ./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
Error occurred during HTTP request/response from the target: '192.168.5.1'.
[nagios@localhost libexec]$ ./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
Unable to validate the identity of the server. There are issues with the certificate presented.
Only import this certificate if you have reason to believe it was sent by a trusted source.
Certificate details:
Subject: CN=192.168.5.1,CN=B-IMAGE,OU=CLARiiON
Issuer: CN=192.168.5.1,CN=B-IMAGE,OU=CLARiiON
Serial#: f0512c00
Valid From: 20141231212225Z
Valid To: 20191230212225Z
Would you like to [1]Accept the certificate for this session, [2] Accept and store, [3] Reject the certificate?
Please input your selection(The default selection is [1]):
The array is operating normally.
[nagios@localhost libexec]$
Also, I do not have the navicli folder ..
[root@localhost libexec]# ll /opt/Navisphere/bin/
total 15212
-rwxrwxr-x 1 root root 562895 feb 26 2016 admsnap
-rwxrwxr-x 1 root root 15002779 feb 26 2016 naviseccli
-rwxr-xr-x 1 root root 3945 feb 26 2016 setlevel_cli.sh
-rw-r--r-- 1 root root 7 oct 17 15:21 setlevel.log
Re: Query monitoring EMC VNX
Your first post you show you show a different username and password then the last post, can you verify that they are correct?
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Query monitoring EMC VNX
Also, try running the command both as nagios and as root:
/opt/Navisphere/bin/naviseccli security -certificate -getLevel
It looks like the problem is that the certificate isn't trusted. You may need to use the naviseccli to add a cert or adjust the level:
/opt/Navisphere/bin/naviseccli security -certificate -setLevel low
/opt/Navisphere/bin/naviseccli security -certificate -getLevel
It looks like the problem is that the certificate isn't trusted. You may need to use the naviseccli to add a cert or adjust the level:
/opt/Navisphere/bin/naviseccli security -certificate -setLevel low
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Query monitoring EMC VNX
Dear tgriep, The user who has access is by default: sysadmin
Dear cdienger: Executing the command as user nagios and root results in a medium level.
But when trying to assign a low level I get
Cannot write into /opt/Navisphere/seccli/CST/certConfig.security/.
Permission denied. Caller not privileged
Cannot write encrypted_user info to the security file
It is not an editable file, how can I assign it the low level ..?
Dear cdienger: Executing the command as user nagios and root results in a medium level.
But when trying to assign a low level I get
Cannot write into /opt/Navisphere/seccli/CST/certConfig.security/.
Permission denied. Caller not privileged
Cannot write encrypted_user info to the security file
It is not an editable file, how can I assign it the low level ..?
Re: Query monitoring EMC VNX
If the command returns Medium for both nagiso and root then I think that setting can be ignored. Try running this instead as nagios:
./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
and when it prompts:
Would you like to [1]Accept the certificate for this session, [2] Accept and store, [3] Reject the certificate?
Please input your selection(The default selection is [1]):
select option [2] and then again run:
./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
and when it prompts:
Would you like to [1]Accept the certificate for this session, [2] Accept and store, [3] Reject the certificate?
Please input your selection(The default selection is [1]):
select option [2] and then again run:
./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Query monitoring EMC VNX
As a nagios user I have returned to execute the command but I get the result the option to add the certificate does not appear
The array is operating normally..
but the option to add certificate does not appear..
as a nagios user I have executed:
Add naviseccli bin directory, which is usually /opt/Navisphere/bin, to your system PATH. For example, add the following
line to ~/.bash_profile & ~/.bashrc and then execute this file to make the setting effective by running source ~/.bash_profile
or source ~/.bashrc.
PATH=$PATH:/opt/Navisphere/bin
export PATH
naviseccli -user usename -password password -h sp_ip -scope 0 -np getagent
get data from my SAN but I can not add the certificate again.
The array is operating normally..
but the option to add certificate does not appear..
as a nagios user I have executed:
Add naviseccli bin directory, which is usually /opt/Navisphere/bin, to your system PATH. For example, add the following
line to ~/.bash_profile & ~/.bashrc and then execute this file to make the setting effective by running source ~/.bash_profile
or source ~/.bashrc.
PATH=$PATH:/opt/Navisphere/bin
export PATH
naviseccli -user usename -password password -h sp_ip -scope 0 -np getagent
get data from my SAN but I can not add the certificate again.