Passive Alerts With NSCA not working

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Passive Alerts With NSCA not working

Post by npolovenko »

@cybergene, We might be able to get more information on this issue if you increase the loglevel verbosity:
In ncpa.cfg find the [passive] section and please chnage:

Code: Select all

loglevel = info
to

Code: Select all

loglevel = debug
Restart the service, give it 5 minutes and then check the var/log/ncpa_passive.log file.

Also, what version of python do you have installed on your ncpa client server?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: Passive Alerts With NSCA not working

Post by cybergene »

See attached log file.
Attachments
ncpa_passive.log
(1.51 MiB) Downloaded 432 times
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Passive Alerts With NSCA not working

Post by npolovenko »

@cybergene, Seems like NRDP is working. Have you taken a look at /usr/local/nagios/var/nagios.log on the Nagios Server recently? If you still do not see new entries in the log file, or in your defined service checks, I'd test to see if the firewall causing problems. From your monitored server run the following:

Code: Select all

yum install telnet
telnet 54.165.9.118 80
and
54.165.9.118 443 
Does this test says everything is ok, or do you see a message that connection was refused?

PS: when we get this to work don't forget to change the log level from debug back to info to avoid using too much of a disk space.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: Passive Alerts With NSCA not working

Post by cybergene »

Hi @ npolovenko

I'm getting:

Code: Select all

telnet: Unable to connect to remote host: Connection refused
on both ports.

I checked the inbound rules on Nagios Core in AWS, and I made it open for both ports and still.
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Passive Alerts With NSCA not working

Post by npolovenko »

@cybergene, Can you post the full /usr/local/nagios/var/nagios.log file from the Nagios Server?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: Passive Alerts With NSCA not working

Post by cybergene »

Attached few logs files, let me know if you need more.
Attachments
nagios log.7z
(3.78 KiB) Downloaded 193 times
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Passive Alerts With NSCA not working

Post by npolovenko »

@cybergene, Thank you for the log files. I've talked to my colleagues and was told that very often amazon aws server has it's own firewall restrictions. That means even though you enabled ports 80 and 443 on the VM, there could still be another layer of limitations. So if you can't:

Code: Select all

nmap 54.165.9.118 -p 80
or

Code: Select all

nmap 54.165.9.118 -p 443
Then I suggest contacting Amazon so they can direct you on how to open their firewall.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: Passive Alerts With NSCA not working

Post by cybergene »

Hi @ npolovenko,

After some investigation heere are the results for Nmap.

nmap 54.165.9.118 -p 80

Code: Select all

Starting Nmap 7.40 ( https://nmap.org ) at 2018-01-05 10:42 EST
Nmap scan report for NAGIOS (54.165.9.118)
Host is up (0.032s latency).
PORT   STATE SERVICE
80/tcp open  http

Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds
nmap 54.165.9.118 -p 443

Code: Select all

Starting Nmap 7.40 ( https://nmap.org ) at 2018-01-05 10:42 EST
Nmap scan report for NAGIOS (54.165.9.118)
Host is up (0.032s latency).
PORT    STATE  SERVICE
443/tcp closed https
You might be right about the ports, although I have the SG rule open specifically for the remote server, it still shows 443 closed. I'm not sure if it is AWS or VmWare where the remote resides.

From what I undestand so far is that NCPA depends on port 80 and 443 to communicate with NRDP server? You didn't mention any other ports that they communicate over...
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Passive Alerts With NSCA not working

Post by npolovenko »

@cybergene, Since you're using NCPA to send passive checks its only ports 80 and 443. If you used active checks the default port would've been 5693. But this shouldn't matter in our case.
Are you able to just open a web browser on the remote NCPA server and in the URL bar type in the nagios_ip/nrdp. Are you able to acess that page?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
cybergene
Posts: 92
Joined: Wed Aug 10, 2016 7:38 am
Location: Ottawa, Ontario, Canada

Re: Passive Alerts With NSCA not working

Post by cybergene »

Thanks for the clarification @npolovenko.

Yes, I can curl it and it seems to work curl http://54.165.9.118/nrdp/.

Code: Select all

<strong>Submit Nagios Command:</strong><br>
        <form action="" method="get">
        <input type="hidden" name="cmd" value="submitcmd">
        Token: <input type="text" name="token" value="" size="15"><br>
        Command: <input type="text" name="command" size="50" value="DISABLE_HOST_NOTIFICATIONS;somehost"><br>
        <input type="submit" name="btnSubmit" value="Submit Command">
        </form>

        <hr>

        <strong>Submit Check Data</strong><br>
        <form action="" method="post">
        <input type="hidden" name="cmd" value="submitcheck">
        Token: <input type="text" name="token" value="" size="15"><br>
        Check Data:<br>
<textarea cols="80" rows="15" name="XMLDATA">
<?xml version='1.0'?>
<checkresults>
        <checkresult type='host'>
                <hostname>somehost</hostname>
                <state>0</state>
                <output>Everything looks okay!|perfdata</output>
        </checkresult>
        <checkresult type='service'>
                <hostname>somehost</hostname>
                <servicename>someservice</servicename>
                <state>1</state>
                <output>WARNING: Danger Will Robinson!|perfdata</output>
        </checkresult>
</checkresults>
</textarea><br>
        <input type="submit" name="btnSubmit" value="Submit Check Data">
        </form>
Locked