NRPE issue

Post by **lmiltchev** » Tue Aug 04, 2015 1:40 pm

Let's try this one more time. Stop the iptables on the client:

service iptables stop

Make sure that 127.0.0.1 IP has been added to the "/etc/xinetd.d/nrpe":

Code: Select all

grep "127.0.0.1" /etc/xinetd.d/nrpe

Run this locally (on the client):

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H localhost -p 5666
/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -p 5666
/usr/local/nagios/bin/nrpe -V
cat /etc/hosts.allow
cat /etc/hosts.deny

Run the following on the XI server:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 10.10.82.38
nmap 10.10.82.38 -p 5666

raamardhani7 · Post by **raamardhani7** » Tue Aug 04, 2015 1:46 pm

lmiltchev wrote:Let's try this one more time. Stop the iptables on the client:
Code: Select all
service iptables stop
Make sure that 127.0.0.1 IP has been added to the "/etc/xinetd.d/nrpe":
Code: Select all
grep "127.0.0.1" /etc/xinetd.d/nrpe
Run this locally (on the client):
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H localhost -p 5666
/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -p 5666
/usr/local/nagios/bin/nrpe -V
cat /etc/hosts.allow
cat /etc/hosts.deny
Run the following on the XI server:
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H 10.10.82.38
nmap 10.10.82.38 -p 5666

Hi..

Seems like things are in the same shape.

Please find the output:

Output from the Client serveR:

[root@uusrcpmwik00 libexec]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter mangle na[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@uusrcpmwik00 libexec]# grep "127.0.0.1" /etc/xinetd.d/nrpe
only_from = 127.0.0.1 10.10.83.90
[root@uusrcpmwik00 libexec]# /usr/local/nagios/libexec/check_nrpe -H localhost -p 5666
connect to address ::1 port 5666: Connection refused
connect to address 127.0.0.1 port 5666: Connection refused
connect to host localhost port 5666: Connection refused[root@uusrcpmwik00 libexec]#
[root@uusrcpmwik00 libexec]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -p 5666
connect to address 127.0.0.1 port 5666: Connection refused
connect to host 127.0.0.1 port 5666: Connection refused[root@uusrcpmwik00 libexec]#
[root@uusrcpmwik00 libexec]# /usr/local/nagios/bin/nrpe -V

NRPE - Nagios Remote Plugin Executor
Copyright (c) 1999-2008 Ethan Galstad ([email protected])
Version: 2.15
Last Modified: 09-06-2013
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required

***************************************************************
** POSSIBLE SECURITY RISK - COMMAND ARGUMENTS ARE SUPPORTED! **
** Read the NRPE SECURITY file for more information **
***************************************************************

***************************************************************
** POSSIBLE SECURITY RISK - TCP WRAPPERS ARE NOT AVAILABLE! **
** Read the NRPE SECURITY file for more information **
***************************************************************

Usage: nrpe [-n] -c <config_file> [-4|-6] <mode>

Options:
-n = Do not use SSL
<config_file> = Name of config file to use
-4 = use ipv4 only
-6 = use ipv6 only
<mode> = One of the following operating modes:
-i = Run as a service under inetd or xinetd
-d = Run as a standalone daemon
-d -s = Run as a subsystem under AIX

Notes:
This program is designed to process requests from the check_nrpe
plugin on the host(s) running Nagios. It can run as a service
under inetd or xinetd (read the docs for info on this), or as a
standalone daemon. Once a request is received from an authorized
host, NRPE will execute the command/plugin (as defined in the
config file) and return the plugin output and return code to the
check_nrpe plugin.

[root@uusrcpmwik00 libexec]# cat /etc/hosts.allow
#
# hosts.allow This file contains access rules which are used to
# allow or deny connections to network services that
# either use the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#

[root@uusrcpmwik00 libexec]# cat /etc/hosts.deny
#
# hosts.deny This file contains access rules which are used to
# deny connections to network services that either use
# the tcp_wrappers library or that have been
# started through a tcp_wrappers-enabled xinetd.
#
# The rules in this file can also be set up in
# /etc/hosts.allow with a 'deny' option instead.
#
# See 'man 5 hosts_options' and 'man 5 hosts_access'
# for information on rule syntax.
# See 'man tcpd' for information on tcp_wrappers
#

Output on Nagios XI server:

[root@lussvpnagiosxi00 libexec]# /usr/local/nagios/libexec/check_nrpe -H 10.10.82.38
connect to address 10.10.82.38 port 5666: Connection refused
connect to host 10.10.82.38 port 5666: Connection refusedYou have new mail in /var/spool/mail/root
[root@lussvpnagiosxi00 libexec]#
[root@lussvpnagiosxi00 libexec]# nmap 10.10.82.38 -p 5666

Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-04 13:46 CDT
Nmap scan report for 10.10.82.38
Host is up (0.00038s latency).
PORT STATE SERVICE
5666/tcp closed nrpe

Nmap done: 1 IP address (1 host up) scanned in 13.12 seconds
[root@lussvpnagiosxi00 libexec]#

Post by **tgriep** » Tue Aug 04, 2015 4:24 pm

From the uusrcpmwik00 system, can you run the following and post the results?

Code: Select all

ps aux
service iptables status

Can you upload the following files to this post?

Code: Select all

 /usr/local/nagios/etc/nrpe.cfg
/etc/xinetd.d/nrpe

raamardhani7 · Post by **raamardhani7** » Tue Aug 04, 2015 7:12 pm

tgriep wrote:From the uusrcpmwik00 system, can you run the following and post the results?
Code: Select all
ps aux
service iptables status
Can you upload the following files to this post?
Code: Select all
 /usr/local/nagios/etc/nrpe.cfg
/etc/xinetd.d/nrpe

Hi,
Please find the output :

Code: Select all

[root@uusrcpmwik00 ~]# ps aux
USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         1  0.0  0.0  25592  1368 ?        Ss   Jul24   0:02 /sbin/init
root         2  0.0  0.0      0     0 ?        S    Jul24   0:00 [kthreadd]
root         3  0.0  0.0      0     0 ?        S    Jul24   0:06 [migration/0]
root         4  0.0  0.0      0     0 ?        S    Jul24   0:02 [ksoftirqd/0]
root         5  0.0  0.0      0     0 ?        S    Jul24   0:00 [stopper/0]
root         6  0.0  0.0      0     0 ?        S    Jul24   0:00 [watchdog/0]
root         7  0.0  0.0      0     0 ?        S    Jul24   0:06 [migration/1]
root         8  0.0  0.0      0     0 ?        S    Jul24   0:00 [stopper/1]
root         9  0.0  0.0      0     0 ?        S    Jul24   0:02 [ksoftirqd/1]
root        10  0.0  0.0      0     0 ?        S    Jul24   0:00 [watchdog/1]
root        11  0.0  0.0      0     0 ?        S    Jul24   0:25 [events/0]
root        12  0.0  0.0      0     0 ?        S    Jul24   0:50 [events/1]
root        13  0.0  0.0      0     0 ?        S    Jul24   0:00 [cgroup]
root        14  0.0  0.0      0     0 ?        S    Jul24   0:00 [khelper]
root        15  0.0  0.0      0     0 ?        S    Jul24   0:00 [netns]
root        16  0.0  0.0      0     0 ?        S    Jul24   0:00 [async/mgr]
root        17  0.0  0.0      0     0 ?        S    Jul24   0:00 [pm]
root        18  0.0  0.0      0     0 ?        S    Jul24   0:02 [sync_supers]
root        19  0.0  0.0      0     0 ?        S    Jul24   0:03 [bdi-default]
root        20  0.0  0.0      0     0 ?        S    Jul24   0:00 [kintegrityd/0]
root        21  0.0  0.0      0     0 ?        S    Jul24   0:00 [kintegrityd/1]
root        22  0.0  0.0      0     0 ?        S    Jul24   0:05 [kblockd/0]
root        23  0.0  0.0      0     0 ?        S    Jul24   0:06 [kblockd/1]
root        24  0.0  0.0      0     0 ?        S    Jul24   0:00 [kacpid]
root        25  0.0  0.0      0     0 ?        S    Jul24   0:00 [kacpi_notify]
root        26  0.0  0.0      0     0 ?        S    Jul24   0:00 [kacpi_hotplug]
root        27  0.0  0.0      0     0 ?        S    Jul24   0:00 [ata_aux]
root        28  0.0  0.0      0     0 ?        S    Jul24   0:00 [ata_sff/0]
root        29  0.0  0.0      0     0 ?        S    Jul24   0:00 [ata_sff/1]
root        30  0.0  0.0      0     0 ?        S    Jul24   0:00 [ksuspend_usbd]
root        31  0.0  0.0      0     0 ?        S    Jul24   0:00 [khubd]
root        32  0.0  0.0      0     0 ?        S    Jul24   0:00 [kseriod]
root        33  0.0  0.0      0     0 ?        S    Jul24   0:00 [md/0]
root        34  0.0  0.0      0     0 ?        S    Jul24   0:00 [md/1]
root        35  0.0  0.0      0     0 ?        S    Jul24   0:00 [md_misc/0]
root        36  0.0  0.0      0     0 ?        S    Jul24   0:00 [md_misc/1]
root        37  0.0  0.0      0     0 ?        S    Jul24   0:00 [linkwatch]
root        39  0.0  0.0      0     0 ?        S    Jul24   0:00 [khungtaskd]
root        40  0.0  0.0      0     0 ?        S    Jul24   0:03 [kswapd0]
root        41  0.0  0.0      0     0 ?        SN   Jul24   0:00 [ksmd]
root        42  0.0  0.0      0     0 ?        SN   Jul24   0:02 [khugepaged]
root        43  0.0  0.0      0     0 ?        S    Jul24   0:00 [aio/0]
root        44  0.0  0.0      0     0 ?        S    Jul24   0:00 [aio/1]
root        45  0.0  0.0      0     0 ?        S    Jul24   0:00 [crypto/0]
root        46  0.0  0.0      0     0 ?        S    Jul24   0:00 [crypto/1]
root        54  0.0  0.0      0     0 ?        S    Jul24   0:00 [kthrotld/0]
root        55  0.0  0.0      0     0 ?        S    Jul24   0:00 [kthrotld/1]
root        56  0.0  0.0      0     0 ?        S    Jul24   0:00 [pciehpd]
root        58  0.0  0.0      0     0 ?        S    Jul24   0:00 [kpsmoused]
root        59  0.0  0.0      0     0 ?        S    Jul24   0:00 [usbhid_resumer]
root        60  0.0  0.0      0     0 ?        S    Jul24   0:00 [deferwq]
root        92  0.0  0.0      0     0 ?        S    Jul24   0:00 [kdmremove]
root        93  0.0  0.0      0     0 ?        S    Jul24   0:00 [kstriped]
root       197  0.0  0.0      0     0 ?        S    Jul24   0:14 [mpt_poll_0]
root       198  0.0  0.0      0     0 ?        S    Jul24   0:00 [mpt/0]
root       207  0.0  0.0      0     0 ?        S    Jul24   0:00 [scsi_eh_0]
root       211  0.0  0.0      0     0 ?        S    Jul24   0:00 [scsi_eh_1]
root       212  0.0  0.0      0     0 ?        S    Jul24   0:00 [scsi_eh_2]
root       325  0.0  0.0      0     0 ?        S    Jul24   0:00 [kdmflush]
root       327  0.0  0.0      0     0 ?        S    Jul24   0:00 [kdmflush]
root       344  0.0  0.0      0     0 ?        S    Jul24   0:29 [jbd2/dm-0-8]
root       345  0.0  0.0      0     0 ?        S    Jul24   0:00 [ext4-dio-unwrit]
root       441  0.0  0.0  11180   564 ?        S<s  Jul24   0:00 /sbin/udevd -d
root       668  0.0  0.0      0     0 ?        S    Jul24   0:12 [vmmemctl]
root       785  0.0  0.0      0     0 ?        S    Jul24   0:00 [kdmflush]
root       789  0.0  0.0      0     0 ?        S    Jul24   0:00 [kdmflush]
root       835  0.0  0.0      0     0 ?        S    Jul24   0:00 [jbd2/sdb1-8]
root       836  0.0  0.0      0     0 ?        S    Jul24   0:00 [ext4-dio-unwrit]
root       883  0.0  0.0      0     0 ?        S    Jul24   0:00 [kauditd]
root       940  0.0  0.0      0     0 ?        S    Jul24   0:08 [flush-253:0]
root      1443  0.0  0.0  93156   748 ?        S<sl Jul24   0:01 auditd
root      1465  0.0  0.0   6160   464 ?        Ss   Jul24   0:00 /sbin/portreserve
root      1473  0.0  0.1 255432  2064 ?        Sl   Jul24   0:05 /sbin/rsyslogd -i /var/run/syslogd.pid -c 5
root      1503  0.0  0.0  10896   540 ?        Ss   Jul24   2:28 irqbalance --pid=/var/run/irqbalance.pid
rpc       1524  0.0  0.0  18976   784 ?        Ss   Jul24   0:01 rpcbind
root      1538  0.0  0.1 240368  2108 ?        Ss   Jul24   0:25 /usr/sbin/sssd -f -D
root      1539  0.0  1.8 342500 36312 ?        S    Jul24   2:49 /usr/libexec/sssd/sssd_be --domain fossil.com --debug-to-files
root      1540  0.0  0.2 241008  5408 ?        S    Jul24   1:51 /usr/libexec/sssd/sssd_nss --debug-to-files
root      1541  0.0  0.1 229256  2504 ?        S    Jul24   0:06 /usr/libexec/sssd/sssd_pam --debug-to-files
root      1542  0.0  0.1 226960  1976 ?        S    Jul24   0:07 /usr/libexec/sssd/sssd_ssh --debug-to-files
root      5107  0.0  0.0  11176   660 ?        S<   13:13   0:00 /sbin/udevd -d
root      5109  0.0  0.0  11176   636 ?        S<   13:13   0:00 /sbin/udevd -d
postfix   5353  0.0  0.1  85112  3436 ?        S    17:41   0:00 pickup -l -t fifo -u
root      5429  0.0  0.0  21716  1004 ?        Ss   13:15   0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
dbus      5458  0.0  0.0  36120  1228 ?        Ssl  Jul24   0:00 dbus-daemon --system
root      5470  0.0  0.1  83532  2772 ?        Ss   Jul24   0:02 NetworkManager --pid-file=/var/run/NetworkManager/NetworkManager.pid
root      5476  0.0  0.0  58136  1500 ?        S    Jul24   0:00 /usr/sbin/modem-manager
68        5512  0.0  0.1  44956  3700 ?        Ssl  Jul24   0:04 hald
root      5514  0.0  0.0  20400   896 ?        S    Jul24   0:00 hald-runner
root      5522  0.0  0.0  44988   416 ?        Ss   Jul24   0:00 /usr/sbin/wpa_supplicant -c /etc/wpa_supplicant/wpa_supplicant.conf -B -u -f /var/log/wpa_supplicant.lo
root      5590  0.0  0.0  22520   940 ?        S    Jul24   0:00 hald-addon-input: Listening on /dev/input/event0 /dev/input/event2
68        5591  0.0  0.0  18004   968 ?        S    Jul24   0:16 /usr/libexec/hald-addon-acpi
root      5618  0.0  0.0  91276  1464 ?        Ssl  Jul24   0:00 pcscd
root      5650  0.0  0.0  15308   676 ?        S    Jul24   0:20 /opt/storix/bin/lighttpd -f /storix/config/sthttpd.conf
root      5679  0.2  0.1 115600  2292 ?        S    Jul24  36:28 /opt/storix/tcl/bin/tcl /opt/storix/bin/stqdaemon
root      5771  0.0  0.0  66216  1164 ?        Ss   Jul24   0:00 /usr/sbin/sshd
root      5848  0.0  0.1  82940  2084 ?        Ss   Jul24   0:04 /usr/libexec/postfix/master
postfix   5861  0.0  0.1  85288  2276 ?        S    Jul24   0:00 qmgr -l -t fifo -u
root      5873  0.0  0.0 114652   932 ?        Ss   Jul24   0:00 /usr/sbin/abrtd
root      5881  0.0  0.0 112540   944 ?        Ss   Jul24   0:01 abrt-dump-oops -d /var/spool/abrt -rwx /var/log/messages
mongod    5909  0.2  1.6 10086836 31024 ?      Sl   Jul24  38:43 /usr/bin/mongod -f /etc/mongod.conf
root      5950  0.0  0.5 206788 10528 ?        S    Jul24   1:18 /usr/bin/python /usr/sbin/osad --pid-file /var/run/osad.pid
root      5960  0.0  0.0 116860  1328 ?        Ss   Jul24   0:06 crond
root      5993  0.0  0.0  21104   472 ?        Ss   Jul24   0:00 /usr/sbin/atd
root      6021  0.0  0.0  15288  1032 ?        S    Jul24   6:45 ./wrapper ./agent.conf wrapper.pidfile=../tmp/teagent.pid wrapper.daemonize=TRUE
root      6022  0.1  4.4 1585228 85632 ?       Sl   Jul24  16:57 /usr/local/tripwire/te/agent/jre/bin/java -da -server -Dtw.server=false -Djava.security.manager=com.tri
root      6051  0.0  0.8 713732 17260 ?        Ssl  Jul24   3:41 python /usr/bin/goferd
root      6072  0.0  0.2 438148  4572 ?        Sl   Jul24   0:00 libvirtd --daemon
root      6096  0.0  0.0 100928   672 ?        Ss   Jul24   0:00 rhnsd
root      6105  0.0  0.0 108336   696 ?        Ss   Jul24   0:00 /usr/bin/rhsmcertd
root      6124  0.0  0.0  23036   512 ?        Ss   Jul24   0:00 /usr/sbin/oddjobd -p /var/run/oddjobd.pid -t 300
root      6206  0.0  0.0  64236  1100 ?        Ss   Jul24   0:00 /usr/sbin/certmonger -S -p /var/run/certmonger.pid
nobody    6256  0.0  0.0  12892   672 ?        S    Jul24   0:00 /usr/sbin/dnsmasq --strict-order --pid-file=/var/run/libvirt/network/default.pid --conf-file= --except-
root      6261  0.0  0.0   4064   516 tty1     Ss+  Jul24   0:00 /sbin/mingetty /dev/tty1
root      6263  0.0  0.0   4064   516 tty2     Ss+  Jul24   0:00 /sbin/mingetty /dev/tty2
root      6266  0.0  0.0   4064   516 tty3     Ss+  Jul24   0:00 /sbin/mingetty /dev/tty3
root      6268  0.0  0.0   4064   520 tty4     Ss+  Jul24   0:00 /sbin/mingetty /dev/tty4
root      6270  0.0  0.0   4064   520 tty5     Ss+  Jul24   0:00 /sbin/mingetty /dev/tty5
root      6272  0.0  0.0   4064   512 tty6     Ss+  Jul24   0:00 /sbin/mingetty /dev/tty6
root     15922  0.5  0.2 117272  4172 ?        Ss   19:07   0:00 sshd: rardhani [priv]
rardhani 15976  0.0  0.1 117272  2192 ?        S    19:08   0:00 sshd: rardhani@pts/0
rardhani 15977  0.1  0.0 119228  1904 pts/0    Ss   19:08   0:00 -sh
root     16010  0.1  0.1 209320  3060 pts/0    S    19:08   0:00 sudo su -
root     16011  0.0  0.1 199252  2744 pts/0    S    19:08   0:00 /bin/su -
root     16012  0.0  0.0 108472  1856 pts/0    S    19:08   0:00 -bash
root     16073  7.0  0.0 121128  1244 pts/0    R+   19:08   0:00 ps aux

Code: Select all

[root@uusrcpmwik00 ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5666
2    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:5666
3    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:53
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:53
5    ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:67
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:67

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination
1    ACCEPT     all  --  0.0.0.0/0            192.168.122.0/24    state RELATED,ESTABLISHED
2    ACCEPT     all  --  192.168.122.0/24     0.0.0.0/0
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
4    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-port-unreachable

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Table: mangle
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination

Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    CHECKSUM   udp  --  0.0.0.0/0            0.0.0.0/0           udp dpt:68 CHECKSUM fill

Table: nat
Chain PREROUTING (policy ACCEPT)
num  target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
num  target     prot opt source               destination
1    MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24    masq ports: 1024-65535
2    MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24    masq ports: 1024-65535
3    MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination

Code: Select all

[root@uusrcpmwik00 ~]# cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
        flags           = REUSE
        socket_type     = stream
        port            = 5666
        wait            = no
        user            = nagios
        group           = nagios
        server          = /usr/local/nagios/bin/nrpe
        server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
        log_on_failure  += USERID
        disable         = no
        only_from = 127.0.0.1 10.10.83.90
        nrpe 5666/tcp
}

Post by **tgriep** » Wed Aug 05, 2015 9:07 am

In the nrpe.cfg file change the following from
debug=0
to
debug=1

Then restart xinetd

Code: Select all

service xinetd restart

Now lets test and see if we can get some debugging. Run the following on the remote server.

Code: Select all

service iptables stop
/usr/local/nagios/libexec/check_nrpe -H localhost
service iptables start

Then run the following and post it here to see if we can get some debug information.

Code: Select all

tail -50 /var/log/messages

The only thing we can think of is that tripwire is stopping NRPE from running or that the MASQUERADE for the firewall is blocking the port.

raamardhani7 · Post by **raamardhani7** » Wed Aug 05, 2015 9:11 am

Thanks a lot all,

Issue is sorted out and the things are working fine now..

/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00
NRPE v2.15

[/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i] has done the trick.

Now, whenever I am executing the commands, it is not taking..

/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -t 30 -c check_cpu_stats.sh -a '-w 80 -c 90'
NRPE: Command 'check_cpu_stats.sh' not defined

Can someone help me here please..

Post by **tgriep** » Wed Aug 05, 2015 9:35 am

You do not need the .sh in the command. Try running it like this

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -t 30 -c check_cpu_stats -a '-w 80 -c 90'

raamardhani7 · Post by **raamardhani7** » Wed Aug 05, 2015 10:46 am

tgriep wrote:You do not need the .sh in the command. Try running it like this
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -t 30 -c check_cpu_stats -a '-w 80 -c 90'

Hi..

I tried with that command too, it is not taking, any insights on this please.

/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -t 30 -c check_cpu_stats -a '-w 80 -c 90'
NRPE: Command 'check_cpu_stats' not defined

Post by **lmiltchev** » Wed Aug 05, 2015 11:21 am

This command is usually defined in the "/usr/local/nagios/etc/nrpe/common.cfg" (if you used our installer script) but if you don't have the "common.cfg" file, you could define it in the "/usr/local/nagios/etc/nrpe.cfg" file, save and restart nrpe, so that changes can take effect. Here's my command (from "common.cfg"):

Code: Select all

command[check_cpu_stats]=/usr/local/nagios/libexec/check_cpu_stats.sh $ARG1$

Testing from XI:

Code: Select all

 /usr/local/nagios/libexec/check_nrpe -H x.x.x.x -t 30 -c check_cpu_stats -a '-w 80 -c 90'
CPU STATISTICS OK: user=2.40% system=0.60% iowait=0.00% idle=96.99% | user=2.40% system=0.60% iowait=0.00%;80;90 idle=96.99%

raamardhani7 · Post by **raamardhani7** » Wed Aug 05, 2015 11:48 am

lmiltchev wrote:This command is usually defined in the "/usr/local/nagios/etc/nrpe/common.cfg" (if you used our installer script) but if you don't have the "common.cfg" file, you could define it in the "/usr/local/nagios/etc/nrpe.cfg" file, save and restart nrpe, so that changes can take effect. Here's my command (from "common.cfg"):
Code: Select all
command[check_cpu_stats]=/usr/local/nagios/libexec/check_cpu_stats.sh $ARG1$
Testing from XI:
Code: Select all
 /usr/local/nagios/libexec/check_nrpe -H x.x.x.x -t 30 -c check_cpu_stats -a '-w 80 -c 90'
CPU STATISTICS OK: user=2.40% system=0.60% iowait=0.00% idle=96.99% | user=2.40% system=0.60% iowait=0.00%;80;90 idle=96.99%

Hi Lmiltchev,

I have added the command in config file in the remote server and restarted the nrpe service, do I need to define the commands else where??
Because I have the same issue.

This output is from the XI portal.
COMMAND: /usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -t 30 -c check_cpu_stats.sh -a '-w 85 -c 95'
OUTPUT: NRPE: Command 'check_cpu_stats.sh' not defined
Attached the configuration part from Portal.

Output from Nagios XI server:
/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -c check_cpu_stats.sh -a '-w 80 -c 90'
NRPE: Command 'check_cpu_stats.sh' not defined

Nagios Support Forum

NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue

Re: NRPE issue