Hello Team,
After upgrading our NagiosXI application to the latest version i.e. 5.5.9 we are facing the below mentioned issue while monitoring our Nagios server:
CHECK_NRPE: Error - Could not connect to 172.25.xx.xxx: Connection reset by peer.
I guess new nrpe.cfg file has been downloaded and now that is getting used here on our Nagios server.
Please suggest what needs to be changed to fix the same.
Monitoring issue post upgrading our NagiosXI 5.5.9
-
aditya.c.anand
- Posts: 56
- Joined: Mon Mar 20, 2017 7:16 am
Re: Monitoring issue post upgrading our NagiosXI 5.5.9
What kinds of hosts are you monitoring via check_nrpe - Windows, Linux, etc.? What is the NRPE version that is installed on the remote machines? Does your check work if you add "-2" to your command?
Example:
Example:
Code: Select all
/usr/local/nagios/libexec/check_nrpe -2 -H <remote ip> -c <command> -a <arguments> Be sure to check out our Knowledgebase for helpful articles and solutions!
-
aditya.c.anand
- Posts: 56
- Joined: Mon Mar 20, 2017 7:16 am
Re: Monitoring issue post upgrading our NagiosXI 5.5.9
Hello Team,
We tried using "-2" but no luck.
Here is the output of my nrpe status.
[root@ker-l-appmon01p ~]# /usr/local/nagios/libexec/check_nrpe -2 -H 172.25.45.171 -t 60 -c check_ps.sh -a '-p cron'
CHECK_NRPE: Error - Could not connect to 172.25.45.171: Connection reset by peer
[root@ker-l-appmon01p ~]# service nrpe status
Redirecting to /bin/systemctl status nrpe.service
● nrpe.service - Nagios Remote Plugin Executor
Loaded: loaded (/usr/lib/systemd/system/nrpe.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2019-01-18 20:06:20 CET; 1 weeks 4 days ago
Docs: http://www.nagios.org/documentation
Main PID: 27350 (nrpe)
CGroup: /system.slice/nrpe.service
└─27350 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -f
Jan 30 08:39:17 ker-l-appmon01p nrpe[13384]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:42:59 ker-l-appmon01p nrpe[34173]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:43:15 ker-l-appmon01p nrpe[35761]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:48:13 ker-l-appmon01p nrpe[64154]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:48:50 ker-l-appmon01p nrpe[2674]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:49:13 ker-l-appmon01p nrpe[5064]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:53:12 ker-l-appmon01p nrpe[27484]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:53:58 ker-l-appmon01p nrpe[31962]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:54:12 ker-l-appmon01p nrpe[33443]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:54:23 ker-l-appmon01p nrpe[34385]: Host 172.25.45.171 is not allowed to talk to us!
Kindly suggest what needs to be done here.
We tried using "-2" but no luck.
Here is the output of my nrpe status.
[root@ker-l-appmon01p ~]# /usr/local/nagios/libexec/check_nrpe -2 -H 172.25.45.171 -t 60 -c check_ps.sh -a '-p cron'
CHECK_NRPE: Error - Could not connect to 172.25.45.171: Connection reset by peer
[root@ker-l-appmon01p ~]# service nrpe status
Redirecting to /bin/systemctl status nrpe.service
● nrpe.service - Nagios Remote Plugin Executor
Loaded: loaded (/usr/lib/systemd/system/nrpe.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2019-01-18 20:06:20 CET; 1 weeks 4 days ago
Docs: http://www.nagios.org/documentation
Main PID: 27350 (nrpe)
CGroup: /system.slice/nrpe.service
└─27350 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -f
Jan 30 08:39:17 ker-l-appmon01p nrpe[13384]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:42:59 ker-l-appmon01p nrpe[34173]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:43:15 ker-l-appmon01p nrpe[35761]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:48:13 ker-l-appmon01p nrpe[64154]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:48:50 ker-l-appmon01p nrpe[2674]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:49:13 ker-l-appmon01p nrpe[5064]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:53:12 ker-l-appmon01p nrpe[27484]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:53:58 ker-l-appmon01p nrpe[31962]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:54:12 ker-l-appmon01p nrpe[33443]: Host 172.25.45.171 is not allowed to talk to us!
Jan 30 08:54:23 ker-l-appmon01p nrpe[34385]: Host 172.25.45.171 is not allowed to talk to us!
Kindly suggest what needs to be done here.
Re: Monitoring issue post upgrading our NagiosXI 5.5.9
Is the 172.25.45.171 the ip address of the remote box or the ip of the Nagios XI server? Is NRPE running under xinetd or as a "standalone" daemon.
If NRPE is running under xinetd, you would need to add the Nagios XI server IP address to the "only_from" line in the /etc/xinetd.d/nrpe file on the remote box:
Note: IP addresses are space separated.
Save, exit, and restart xinetd:
If NRPE is running as a "standalone" daemon, you would need to add the Nagios XI server IP address to the "allowed_hosts" line in the /usr/local/nagios/etc/nrpe.cfg file on the remote box:
Note: IP addresses are comma separated.
Make sure you have the following line:
Save, exit, and restart nrpe.
If NRPE is running under xinetd, you would need to add the Nagios XI server IP address to the "only_from" line in the /etc/xinetd.d/nrpe file on the remote box:
Code: Select all
only_from = 127.0.0.1 <Nagios XI server ip>Save, exit, and restart xinetd:
Code: Select all
systemctl restart xinetdCode: Select all
allowed_hosts=127.0.0.1,<Nagios XI server ip>Make sure you have the following line:
Code: Select all
dont_blame_nrpe=1Code: Select all
systemctl restart nrpeBe sure to check out our Knowledgebase for helpful articles and solutions!