Firewall enabled unable to monitor db log file

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Naveed
Posts: 285
Joined: Mon May 30, 2016 10:10 am

Firewall enabled unable to monitor db log file

Post by Naveed »

I have been monitoring all my DB log files from my SQL Server; all monitoring services are fine.

But I have checked that when I turn on the firewall, my OS and all DB metrics monitoring is fine, but DB log file monitoring goes into a critical state.

My command is as follows.

check_xi_mssql_database!-U 'abc' -P '123' -T 'CE_OnlineDB' -p 1433 --logfileusage --warning 0:70 --critical 0:80!!!!!!!

It throws a message: service check timeout after 60 seconds. I turned off the firewall and all services are back to OK state.

One important thing which I want to share: I have telnetted to my host on port 1433, and access is there in both cases, when the firewall is enabled and disabled.

Kindly suggest.
rkennedy
Posts: 6579
Joined: Mon Oct 05, 2015 11:45 am

Re: Firewall enabled unable to monitor db log file

Post by rkennedy »

Does your firewall allow traffic both ways, or perhaps are you only allowing inbound traffic? This would mean that telnet will still work, but any data coming back would be blocked. It sounds like a firewall issue though, regardless.

When the firewall is off, what is the output of nmap mssqlserverip -p 1433? (replace mssqlserverip accordingly) Now, when the firewall is on, please run the same command once again and post the output for us to review.
Former Nagios Employee
Naveed
Posts: 285
Joined: Mon May 30, 2016 10:10 am

Re: Firewall enabled unable to monitor db log file

Post by Naveed »

Firewall disabled:

C:\Users\AxsysadminUAT>nmap 1.2.3.4 -p 1433

Starting Nmap 7.12 ( https://nmap.org ) at 2016-08-15 07:01 Pacific Daylight Time
Nmap scan report for 1.2.3.4
Host is up (0.00088s latency).
PORT STATE SERVICE
1433/tcp open ms-sql-s

Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds


Firewall enabled

C:\Users\AxsysadminUAT>nmap 1.2.3.4 -p 1433

Starting Nmap 7.12 ( https://nmap.org ) at 2016-08-15 07:01 Pacific Daylight Time
Nmap scan report for 1.2.3.4
Host is up (0.00088s latency).
PORT STATE SERVICE
1433/tcp open ms-sql-s

Nmap done: 1 IP address (1 host up) scanned in 3.50 seconds
rkennedy
Posts: 6579
Joined: Mon Oct 05, 2015 11:45 am

Re: Firewall enabled unable to monitor db log file

Post by rkennedy »

rkennedy wrote: Does your firewall allow traffic both ways, or perhaps are you only allowing inbound traffic? This would mean that telnet will still work, but any data coming back would be blocked. It sounds like a firewall issue though, regardless.
The nmap will show the result for traffic destined TO the machine as being OK, but my question is if the data is being REJECTED TO the XI server on the way back. The fact that it works when the firewall is enabled, but not disabled confirms this. You might need to add a wildcard allow for your XI server to the MSSQL machine.
Former Nagios Employee
Naveed
Posts: 285
Joined: Mon May 30, 2016 10:10 am

Re: Firewall enabled unable to monitor db log file

Post by Naveed »

I could not get that point.

Can you please elaborate on it further?

Thank you!
rkennedy
Posts: 6579
Joined: Mon Oct 05, 2015 11:45 am

Re: Firewall enabled unable to monitor db log file

Post by rkennedy »

You are blocking traffic TO the Nagios server when your firewall is on.
Former Nagios Employee
Naveed
Posts: 285
Joined: Mon May 30, 2016 10:10 am

Re: Firewall enabled unable to monitor db log file

Post by Naveed »

Sir! I need a solution!

Can you suggest any other way to fix this issue?

Thank you
rkennedy
Posts: 6579
Joined: Mon Oct 05, 2015 11:45 am

Re: Firewall enabled unable to monitor db log file

Post by rkennedy »

You need to allow traffic TO your Nagios server FROM your MSSQL machine.
Former Nagios Employee
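
The thread turns on the difference between "port 1433 accepts a connection" (what telnet and nmap report) and "the SQL Server's data actually comes back". The probe below checks the second condition; it is an added example, not part of the original posts and not a Nagios tool. It assumes Python 3 on the Nagios XI server, `probe` and `tds_prelogin` are hypothetical names, and the minimal PRELOGIN layout follows the public MS-TDS specification.

```python
import socket
import struct
import sys


def tds_prelogin() -> bytes:
    """Minimal TDS PRELOGIN packet: VERSION and ENCRYPTION options only."""
    version = bytes(6)        # client version 0.0.0.0 (constructed value)
    encryption = b"\x00"      # ENCRYPT_OFF
    table_len = 5 + 5 + 1     # two 5-byte option entries + 0xFF terminator
    options = (
        struct.pack(">BHH", 0x00, table_len, len(version))
        + struct.pack(">BHH", 0x01, table_len + len(version), len(encryption))
        + b"\xff"
    )
    body = options + version + encryption
    # Header: type 0x12 (PRELOGIN), status 0x01 (end of message), total length,
    # SPID 0, packet id 1, window 0.
    return struct.pack(">BBHHBB", 0x12, 0x01, 8 + len(body), 0, 1, 0) + body


def probe(host, port=1433, timeout=5.0):
    """Classify the path: connect_failed, connected_no_reply,
    closed_without_reply, or replied."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "connect_failed"          # what telnet/nmap would also show
    with sock:
        try:
            sock.sendall(tds_prelogin())
            data = sock.recv(4096)       # server's PRELOGIN response
        except socket.timeout:
            return "connected_no_reply"  # port open, but no data came back
        except OSError:
            return "closed_without_reply"
    return "replied" if data else "closed_without_reply"


if __name__ == "__main__":
    # Usage: python3 probe.py <mssql-host>   (host defaults to loopback)
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print(target, probe(target))
```

Run it from the XI server once with the firewall off and once with it on; a result of `connected_no_reply` only when the firewall is on matches a check that times out while telnet still connects.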