Some questions about NCPA

RandomGuy86 · Post by **RandomGuy86** » Tue Sep 08, 2015 10:59 am

NCPA active checks:

I have installed Nagios Core 4.X on my Linux Server according to this guide:
https://assets.nagios.com/downloads/nag ... edora.html

I have installed NCPA on my Windows Client according to this guide:
https://assets.nagios.com/downloads/ncp ... ation.html

Right now I want to configure an active check for my Windows Client. So far I've figured out that I need the plugin 'check_ncpa.py' for that. I'm using the following guide:
https://assets.nagios.com/downloads/ncp ... ctive.html

Problem:

It states I need to "install" the plugin to nagios/libexec; I guessed it meant usr/local/nagios/libexec, so I copied the plugin there.
However when I tried to use the commend "./check_ncpa.py --help" to learn how to use the plugin I get the following error message: (I'm the root user)
-bash: .check ncpa.py: Keine Berechtigung
(Properly "No Authorization" or something similar in English)

I guess due to my inexperience with Linux (I use Scientific Linux 6.7 (based on Red Hat) if that's relevant) I guess I have "installed" the plugin incorrectly.
Help?

edit:
Did some digging, this issue is properly solved by the commands "chmod u+x script" and "chmod r+x script".

NCPA passive checks:

My NCPA Windows Client already (properly) sends passive checks to the NCPA Linux Server (IP, Token and Hostname have been set), but I'm at a loss where to catch those checks on my NCPA Linux Server, where those values are logged, how I can visualize them, etc. The guide I've found only explains how to set them up, not how to catch them:
https://assets.nagios.com/downloads/ncp ... ssive.html

Can someone please point me in the right direction where I can learn more?

tmcdonald · Post by **tmcdonald** » Tue Sep 08, 2015 11:40 am

I am not quite sure what you are asking in regards to the passive checks. You say they are properly being sent, so I don't know what the issue is. Have you created hosts and services with the proper names in Nagios to receive the passive data? If you have not done so already that would explain why you are not seeing anything, but you said they were being properly sent so I am a bit confused.

RandomGuy86 · Post by **RandomGuy86** » Tue Sep 08, 2015 12:17 pm

Sorry, I messed up with my English.

The passive checks are probably send, as I set up the IP, NRDP Token and Hostname.
Okay, I think I realize what I'm missing; I have to set up NRDP on my Linux Nagios Host, right?

tmcdonald · Post by **tmcdonald** » Tue Sep 08, 2015 4:38 pm

RandomGuy86 wrote:Okay, I think I realize what I'm missing; I have to set up NRDP on my Linux Nagios Host, right?

Correct. Without NRDP installed there is nothing to accept the incoming results.

https://assets.nagios.com/downloads/nrd ... erview.pdf

You may need to change some locations based on your OS and how you installed Nagios.

RandomGuy86 · Post by **RandomGuy86** » Wed Sep 09, 2015 12:28 pm

Okay, I'm think I'm slowly starting the get the hang of active checks. I've successfully managed to use check_ncpa in the terminal to do active checks.

However I am at a loss what syntax I have to use when I define a service in an object definition file.

E.g., how do I translate the following command into a valid service definition:

Code: Select all

./check_ncpa.py -H ncpaserver -t yourtoken -M cpu/percent

Code: Select all

define service[
	use					generic-service
	host_name			winserver
	service_description	NCPA CPU %
	check_command		???
	}

<>

Regarding passive checks I'm still at a loss. To make things more simple I've installed NCPA on my Linux Host and set it up to send passive checks to the Linux Host. I've installed the NRDP server, but when I open its server API I get the following error message:

Code: Select all

http://<ipaddress>/nrdp

Code: Select all

Mit dieser XML-Datei sind anscheinend keine Style-Informationen verknüpft. Nachfolgend wird die Baum-Ansicht des Dokuments angezeigt

Translated to Englisch:

Code: Select all

This XML-File seems to not be linked to style information. Below this message the tree view will be displayed

tmcdonald · Post by **tmcdonald** » Wed Sep 09, 2015 2:01 pm

RandomGuy86 wrote:E.g., how do I translate the following command into a valid service definition:
Code: Select all
./check_ncpa.py -H ncpaserver -t yourtoken -M cpu/percent
Code: Select all
define service[
	use					generic-service
	host_name			winserver
	service_description	NCPA CPU %
	check_command		???
	}

You will need to either define a new command, or use an existing one if it is already there. The format is as follows:

https://assets.nagios.com/downloads/nag ... ml#command

The link goes over how to define a command, and how to use arguments with it. These would then be used in the service definition:

https://assets.nagios.com/downloads/nag ... s.html#arg

RandomGuy86 wrote:when I open its server API I get the following error message:
Code: Select all
http://<ipaddress>/nrdp
Code: Select all
Mit dieser XML-Datei sind anscheinend keine Style-Informationen verknüpft. Nachfolgend wird die Baum-Ansicht des Dokuments angezeigt
Translated to Englisch:
Code: Select all
This XML-File seems to not be linked to style information. Below this message the tree view will be displayed

Interesting. Do you have any entries in your Apache error log when this happens? Can you post a screenshot of the page?

RandomGuy86 · Post by **RandomGuy86** » Wed Sep 09, 2015 2:29 pm

Apache /var/log/httpd/error_log (just the few latest entries):

Code: Select all

[Tue Sep 08 19:21:30 2015] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/
[Tue Sep 08 19:26:30 2015] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/
[Tue Sep 08 19:31:15 2015] [error] [client 192.168.56.101] PHP Notice:  Use of undefined constant nagi_os_NRDP - assumed 'nagi_os_NRDP' in /usr/local/nrdp/server/config.inc.php on line 14, referer: http://192.168.56.101/nrdp/
[Tue Sep 08 19:31:15 2015] [error] [client 192.168.56.101] PHP Warning:  date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CEST/2.0/DST' instead in /usr/local/nrdp/server/plugins/nagioscorepassivecheck/nagioscorepassivecheck.inc.php on line 105, referer: http://192.168.56.101/nrdp/
[Tue Sep 08 19:31:15 2015] [error] [client 192.168.56.101] PHP Warning:  date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Berlin' for 'CEST/2.0/DST' instead in /usr/local/nrdp/server/plugins/nagioscorepassivecheck/nagioscorepassivecheck.inc.php on line 105, referer: http://192.168.56.101/nrdp/
[Tue Sep 08 19:31:30 2015] [error] [client 127.0.0.1] Directory index forbidden by Options directive: /var/www/html/

Yes, I guess there is something wrong here.

Screenshot:

Post by **lmiltchev** » Wed Sep 09, 2015 3:17 pm

Let's try clearing some of these error messages.

1. Set the correct timezone in the "/etc/php.ini" and restart apache

2. Run the following commands and show the output:

Code: Select all

grep /etc/group
nmap localhost
iptables -nL
sestatus

3. Post the "nagios.conf" file.

RandomGuy86 · Post by **RandomGuy86** » Wed Sep 09, 2015 4:34 pm

lmiltchev wrote:Run the following commands and show the output:
Code: Select all
1. grep /etc/group
2. nmap localhost
3. iptables -nL
4. sestatus

1.) Occupies the terminal, you can still type, but the [root@Host] is gone, and it does not react to commands. Similar to loading an external program, e.g. FireFox, without "&".
Can it be that this command takes a long time to compute?
2. nmap is an unknown command
3.

Code: Select all

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

4.

Code: Select all

SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          permissive
Policy version:                 24
Policy from config file:        targeted

nagios.cfg: (43.78 KiB) Downloaded 203 times

Post by **lmiltchev** » Wed Sep 09, 2015 4:50 pm

I am sorry - my bad, I meat to ask you to run:

Code: Select all

grep nag /etc/group

not

Code: Select all

grep /etc/group

For troubleshooting purposes, disable selinux and stop iptables:

Code: Select all

setenforce 0
service iptables stop

Also, I wanted to see the "nagios.conf", not the "nagios.cfg". It should be in: "/etc/httpd/conf.d/nagios.conf". Thanks!

Nagios Support Forum

Some questions about NCPA

Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA

Re: Some questions about NCPA