Monitoring client with public address CRITICAL

[abrist]

Alright, let us know!

[ziedmahjoub]

hi jdalrymple ,

it worked fine , i'm monitoring now the distant computer , like you said ,
the solution was the NAT traffic i just added the 2 ports 12489 and 5666 in the NAT configuration of the internet router behind the windows box with the private address of the windows box .

But now i have something ask :

If i want to monitor more then one client which are connecting in the internet with the same public address (which is my case) how it will be the host definition ?
i just need to change the host_name and let the same public ip address and Nagios core will take information from all computers using that public ip ?

[jdalrymple]

Glad I could help ziedmahjoub,

In order to monitor more than one host internally you'll have to do some more complicated NATting on the firewall then make the appropriate adjustments in your service definitions. Also, just FYI it's likely your host definition is only checking the firewall since it just pings the host by default to see if it's alive.

For the service checks specifically though I recommend this:

Code: Select all

NAT1 <external_ip>:5666  <----> <internal_ip1>:5666
NAT2 <external_ip>:12489 <----> <internal_ip1>:12489
NAT3 <external_ip>:5667  <----> <internal_ip2>:5666
NAT4 <external_ip>:12490 <----> <internal_ip2>:12489
NAT5 <external_ip>:5668  <----> <internal_ip3>:5666
NAT6 <external_ip>:12491 <----> <internal_ip3>:12489

Then for check_nrpe on host 2 you would use this instead:

Code: Select all

check_nrpe -H <external_ip> -p 5667

It's a bit clumsy but it is how you would achieve those results without creating 1 proxy host inside the network. Does this help?

[ziedmahjoub]

so you mean jdalrymple , that i just need to increase the default port numbers (which are 12489 & 5666) by +1 for each host i wanna add , right ?
for this its ok i understand it thanks .

and FYI the client is not using a proper "firewall" like Cisco ASA or Cyberoam , its is just a simple one implemented in the internet modem/router
its just i didn't NATted the 12489 and 5666 ports.

the idea is clear jdalrymple tnaks a lot

just i need to try it and see if it works ,after it works i think i will go for the distributed method but i have no idea how to install the NRDP and i've seen its not that simple like NSClient++

[jdalrymple]

You're welcome ziedmahjoub,


For a small number of hosts I think that this process should work for you. If you have a larger scale installation behind the firewall you'll definitely be best serviced by doing a distributed Nagios configuration. You're correct, it's definitely not a trivial process, but it is well documented.
http://assets.nagios.com/downloads/gene ... utions.pdf
http://exchange.nagios.org/directory/Ad ... Monitoring
Let us know if we can help further.

[ziedmahjoub]

hi jdalrymple,

i didn't know how to modify the check_nt command definition to put multiple ports that nagios can take them (12489,12490,12491n...)

this is my check_net command definition

Code: Select all

define command{
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489  -s nagiosadmin -t 30 -v $ARG1$ $ARG2$ $ARG3$
}

[jdalrymple]

Hi ziedmahjoub,

You won't define the multiple instances using a command definition, but instead you'll have multiple services to accommodate multiple hosts. Let's rewrite your command so that it's easier to illustrate:

Code: Select all

define command{
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p $ARG1$  -s $ARG2$ -v $ARG3$ -w $ARG4$ -c $ARG5$
}

And then your services will look like this:

Code: Select all

define service {
        host_name                       Windows
        service_description             CPU Usage Host 1
        check_command                   check_nt!12489!nagiosadmin!CPULOAD!80!90
        max_check_attempts              1
        check_interval                  10
        retry_interval                  1
        check_period                    24x7
        notification_interval           60
        notification_period             24x7
        contacts                        nagiosadmin
        register                        1
        }

Code: Select all

define service {
        host_name                       Windows
        service_description             CPU Usage Host 2
        check_command                   check_nt!12490!nagiosadmin!CPULOAD!80!90
        max_check_attempts              1
        check_interval                  10
        retry_interval                  1
        check_period                    24x7
        notification_interval           60
        notification_period             24x7
        contacts                        nagiosadmin
        register                        1
        }

Code: Select all

define service {
        host_name                       Windows
        service_description             CPU Usage Host 3
        check_command                   check_nt!12491!nagiosadmin!CPULOAD!80!90
        max_check_attempts              1
        check_interval                  10
        retry_interval                  1
        check_period                    24x7
        notification_interval           60
        notification_period             24x7
        contacts                        nagiosadmin
        register                        1
        }

Does this logic make sense?

You could actually make multiple hosts with the same address to make things look slightly more sensible, then assign the services to those separate hosts, but that's not necessary to get the job done - it would be just for aesthetics.

[ziedmahjoub]

hi ,
i found a solution already but i think its a bit clumsy

i've made another check_nt which i made

Code: Select all

define command{ 
command_name check_nt2 
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12490 -s securepassword -t 30 -v $ARG1$ $ARG2$ $ARG2$
} 

and after i made the services on the new host with that check_nt2

i will see your solution , give a moment

[ziedmahjoub]

i think your solution is better , because in mine i need to make a new check_nt each time i need to change port or password or any argument so yours is better i will try it and give feedback
and we close this thread.

[ziedmahjoub]

it worked fine , its ok

thanks nagios team especially jdalrymple ^^