Passive check freshness check not working

avandemore · Post by **avandemore** » Wed Dec 07, 2016 1:30 pm

Opps, that was supposed to be >= as shown by the 20 minutes value I suggested.

Post by **snapon_admin** » Wed Dec 07, 2016 1:56 pm

I tried that on one of the checks, it stayed green for the 20 minute interval and then went back to warning again with the "no passive checks" received script output.

avandemore · Post by **avandemore** » Wed Dec 07, 2016 2:18 pm

How are the passive checks received? SNMP traps, NRDP, NSCA, etc?

While I rather doubt this is the solution, you can restore a previous configuration via XI > Configure > CCM > Configuration Snapshots and doing an Apply Config. You would use the most recent one prior to yesterday if you do this. Also remember this will undo all configuration changes in Nagios XI since that point.

Post by **snapon_admin** » Wed Dec 07, 2016 2:21 pm

NSCA, and yeah I'd prefer not to do that, but I am saving that as a last resort.

avandemore · Post by **avandemore** » Wed Dec 07, 2016 2:43 pm

Perhaps a project for another day but NSCA has seen its first update in a long time:

https://github.com/NagiosEnterprises/ns ... ease-2.9.2

Are we absolutely sure checks are being received?

Code: Select all

# tcpdump -i any -n "src host <remote ip> and dst port 5667" -w /tmp/capture.cap

You can run that for one of these 20 minute durations and PM the resulting /tmp/capture.cap.

Post by **snapon_admin** » Thu Dec 08, 2016 12:02 pm

tcpdump appears to not be a thing on my server, getting syntax error when I try.

avandemore · Post by **avandemore** » Thu Dec 08, 2016 12:08 pm

Ok, try this:

Code: Select all

# yum install -y -q tcpdump

Then retry.

Post by **snapon_admin** » Thu Dec 08, 2016 12:19 pm

My bad, tcpdump wasn't the issue, it's the -n option that's the syntax error. I've used tcpdump before so it's definitely on there.

Code: Select all

[root@lisl-ngos-01-pv ~]# tcpdump -h
tcpdump version 4.1-PRE-CVS_2016_05_10
libpcap version 1.4.0
Usage: tcpdump [-aAdDefhIJKlLnNOpqRStuUvxX] [ -B size ] [ -c count ]
                [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
                [ -i interface ] [ -j tstamptype ] [ -M secret ]
                [ -Q|-P in|out|inout ]
                [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ]
                [ -W filecount ] [ -y datalinktype ] [ -z command ]
                [ -Z user ] [ expression ]

avandemore · Post by **avandemore** » Thu Dec 08, 2016 12:31 pm

Perhaps you're on CentOS/RHEL 6, 7 has a newer tcpdump.

Anyways, you can just omit the -n, it isn't needed just perhaps nicer.

avandemore · Post by **avandemore** » Thu Dec 08, 2016 2:14 pm

pcap file received, you are getting the check data from that host.

Can you send over your /usr/local/nagios/etc/nsca.cfg?

Also in that file changing to debug=1 and restarting xinetd/nsca should show more verbose messages in /var/log/messages.

Nagios Support Forum

Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working

Re: Passive check freshness check not working