check_snmp_synology - False Positives

An open discussion forum for obtaining help with Nagios Core. Nagios Core users of all experience levels are welcome here. Subforum have been created for the discussion of Nagios Core and Nagios Plugin development.

NOTE: The SourceForge.net mailing lists have been deprecated in favor of this forum in order to expedite support and provide additional features not available on the old mailing list.

Re: check_snmp_synology - False Positives

Postby chris1337c » Fri Jan 04, 2019 10:55 am

Pm'd you the link to the output files
chris1337c
 
Posts: 68
Joined: Wed Dec 26, 2018 2:31 pm

Re: check_snmp_synology - False Positives

Postby cdienger » Fri Jan 04, 2019 11:27 am

File received but I missed the part where it was filtered on destination port 161. The problem with this is that it will only capture one side of the traffic - we only see the requests going out from the Nagios machine but no responses from the synology server this way.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 2682
Joined: Tue Feb 07, 2017 11:26 am

Re: check_snmp_synology - False Positives

Postby chris1337c » Mon Jan 07, 2019 10:27 am

How do I correct this?
chris1337c
 
Posts: 68
Joined: Wed Dec 26, 2018 2:31 pm

Re: check_snmp_synology - False Positives

Postby chris1337c » Mon Jan 07, 2019 3:59 pm

This synology box hates me:


Event Start Time Event End Time Event Duration Event/State Type Event/State Information
01-02-2019 00:00:00 01-02-2019 08:32:47 0d 8h 32m 47s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-02-2019 08:32:47 01-02-2019 09:17:48 0d 0h 45m 1s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-02-2019 09:17:48 01-02-2019 16:43:24 0d 7h 25m 36s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-02-2019 16:43:24 01-03-2019 00:00:00 0d 7h 16m 36s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-03-2019 00:00:00 01-03-2019 04:33:48 0d 4h 33m 48s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-03-2019 04:33:48 01-03-2019 05:24:12 0d 0h 50m 24s SERVICE CRITICAL (HARD) (Service check timed out after 180.01 seconds)
01-03-2019 05:24:12 01-04-2019 00:00:00 0d 18h 35m 48s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-04-2019 00:00:00 01-04-2019 00:58:22 0d 0h 58m 22s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-04-2019 00:58:22 01-04-2019 04:39:12 0d 3h 40m 50s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-04-2019 04:39:12 01-04-2019 05:29:35 0d 0h 50m 23s SERVICE CRITICAL (HARD) (Service check timed out after 180.01 seconds)
01-04-2019 05:29:35 01-04-2019 08:25:31 0d 2h 55m 56s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-04-2019 08:25:31 01-05-2019 00:00:00 0d 15h 34m 29s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-05-2019 00:00:00 01-05-2019 04:37:35 0d 4h 37m 35s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-05-2019 04:37:35 01-05-2019 05:17:58 0d 0h 40m 23s SERVICE CRITICAL (HARD) (Service check timed out after 180.05 seconds)
01-05-2019 05:17:58 01-06-2019 00:00:00 0d 18h 42m 2s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-06-2019 00:00:00 01-07-2019 00:00:00 1d 0h 0m 0s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 00:00:00 01-07-2019 04:20:58 0d 4h 20m 58s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 04:20:58 01-07-2019 05:02:31 0d 0h 41m 33s SERVICE CRITICAL (HARD) (Service check timed out after 180.02 seconds)
01-07-2019 05:02:31 01-07-2019 05:23:25 0d 0h 20m 54s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 05:23:25 01-07-2019 08:37:53 0d 3h 14m 28s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 08:37:53 01-07-2019 09:13:09 0d 0h 35m 16s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 09:13:09 01-07-2019 09:31:25 0d 0h 18m 16s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 09:31:25 01-07-2019 09:39:24 0d 0h 7m 59s SERVICE DOWNTIME START Start of scheduled downtime
01-07-2019 09:39:24 01-07-2019 10:22:54 0d 0h 43m 30s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 10:22:54 01-07-2019 11:27:53 0d 1h 4m 59s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 11:27:53 01-07-2019 11:31:18 0d 0h 3m 25s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 11:31:18 01-07-2019 12:30:31 0d 0h 59m 13s SERVICE DOWNTIME END End of scheduled downtime
01-07-2019 12:30:31 01-07-2019 12:52:27 0d 0h 21m 56s SERVICE CRITICAL (HARD) (Service check timed out after 180.01 seconds)
01-07-2019 12:52:27 01-07-2019 13:37:50 0d 0h 45m 23s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 13:37:50 01-07-2019 14:00:28 0d 0h 22m 38s SERVICE OK (HARD) Synology model: "RS2414rp+"
01-07-2019 14:00:28 01-07-2019 14:40:50 0d 0h 40m 22s SERVICE CRITICAL (HARD) (Service check timed out after 180.01 seconds)
01-07-2019 14:40:50 01-07-2019 14:59:02 0d 0h 18m 12s+ SERVICE OK (HARD) Synology model: "RS2414rp+"
chris1337c
 
Posts: 68
Joined: Wed Dec 26, 2018 2:31 pm

Re: check_snmp_synology - False Positives

Postby cdienger » Tue Jan 08, 2019 10:39 am

Remove the references to filter just on the destination ip and port. Try:

nohup tcpdump -Z root -s 0 -i any "host IPHEREOBV and port 161" -C 10 -W 5 -w output.pcap &

Note that this will still only capture port 161 traffic to the IPHEREOBV machine, but will capture both sides of the communication.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 2682
Joined: Tue Feb 07, 2017 11:26 am

Re: check_snmp_synology - False Positives

Postby chris1337c » Tue Jan 08, 2019 12:52 pm

Just submitted the request, I will PM you the logs again. I am going to do some reading on wireshark, thank you for your help guy.
chris1337c
 
Posts: 68
Joined: Wed Dec 26, 2018 2:31 pm

Re: check_snmp_synology - False Positives

Postby cdienger » Tue Jan 08, 2019 5:31 pm

Sounds good :)
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 2682
Joined: Tue Feb 07, 2017 11:26 am

Re: check_snmp_synology - False Positives

Postby chris1337c » Mon Jan 14, 2019 4:00 pm

Sent
chris1337c
 
Posts: 68
Joined: Wed Dec 26, 2018 2:31 pm

Re: check_snmp_synology - False Positives

Postby cdienger » Tue Jan 15, 2019 2:12 pm

It looks like the plugin is pretty chatty and requests a ton of data when it runs which is likely leading to the timeouts. Looking at the reviews for this plugin on the exchange shows other users are running into similar problems with it. Excluding some of the requests would likely make it work better and it looks like one user may have done this:

Nice plugin
byfledorze, June 6, 2018
I added more generic options -r and -e to include/exclude elements, in replacement of -i option that allows to ignore DSM updates only. Tell me if you want the code.


The part of the code that appears to do the requests start on 208:

Code: Select all
RAIDName=$(echo "$syno" | grep $OID_RAIDName | cut -d "=" -f2)
    RAIDStatus=$(echo "$syno" | grep $OID_RAIDStatus | cut -d "=" -f2 | sed 's/^[ \t]*//;s/[ \t]*$//')
    systemStatus=$(echo "$syno" | grep $OID_systemStatus | cut -d "=" -f2 | sed 's/^[ \t]*//;s/[ \t]*$//')
    temperature=$(echo "$syno" | grep $OID_temperature | cut -d "=" -f2 | sed 's/^[ \t]*//;s/[ \t]*$//')
    powerStatus=$(echo "$syno" | grep $OID_powerStatus | cut -d "=" -f2 | sed 's/^[ \t]*//;s/[ \t]*$//')
    systemFanStatus=$(echo "$syno" | grep $OID_systemFanStatus | cut -d "=" -f2 | sed 's/^[ \t]*//;s/[ \t]*$//')
    CPUFanStatus=$(echo "$syno" | grep $OID_CPUFanStatus | cut -d "=" -f2 | sed 's/^[ \t]*//;s/[ \t]*$//')


Commenting out any lines requesting unnecessary data may help here.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
 
Posts: 2682
Joined: Tue Feb 07, 2017 11:26 am

Re: check_snmp_synology - False Positives

Postby chris1337c » Mon Jan 21, 2019 11:24 am

I have disabled more than half of the plugin, we are going to try and go a different route to monitoring this device. Thank you for all of your help.
chris1337c
 
Posts: 68
Joined: Wed Dec 26, 2018 2:31 pm

PreviousNext

Return to Nagios Core

Who is online

Users browsing this forum: No registered users and 27 guests