Error: Could not read host and service status information!

[tgriep]

Can you post the cgi.cfg file from the nagios etc folder and the Apache nagios.conf file?
Typically the Apache file is here.

Code: Select all

/etc/apache2/conf-enabled/nagios.conf

Was the nagiosadmin login account removed from the system?

[buee]

Can you post the cgi.cfg file from the nagios etc folder and the Apache nagios.conf file?
Typically the Apache file is here.

Code: Select all

/etc/apache2/conf-enabled/nagios.conf

Was the nagiosadmin login account removed from the system?

My cgi.cfg:

Code: Select all

#################################################################
#
# CGI.CFG - Sample CGI Configuration File for Nagios
#
#################################################################


# MAIN CONFIGURATION FILE
# This tells the CGIs where to find your main configuration file.
# The CGIs will read the main and host config files for any other
# data they might need.

main_config_file=/etc/nagios3/nagios.cfg



# PHYSICAL HTML PATH
# This is the path where the HTML files for Nagios reside.  This
# value is used to locate the logo images needed by the statusmap
# and statuswrl CGIs.

physical_html_path=/usr/share/nagios3/htdocs



# URL HTML PATH
# This is the path portion of the URL that corresponds to the
# physical location of the Nagios HTML files (as defined above).
# This value is used by the CGIs to locate the online documentation
# and graphics.  If you access the Nagios pages with an URL like
# http://www.myhost.com/nagios, this value should be '/nagios'
# (without the quotes).

url_html_path=/nagios3



# CONTEXT-SENSITIVE HELP
# This option determines whether or not a context-sensitive
# help icon will be displayed for most of the CGIs.
# Values: 0 = disables context-sensitive help
#         1 = enables context-sensitive help

show_context_help=1



# PENDING STATES OPTION
# This option determines what states should be displayed in the web
# interface for hosts/services that have not yet been checked.
# Values: 0 = leave hosts/services that have not been check yet in their original state
#         1 = mark hosts/services that have not been checked yet as PENDING

use_pending_states=1

# NAGIOS PROCESS CHECK COMMAND
# This is the full path and filename of the program used to check
# the status of the Nagios process.  It is used only by the CGIs
# and is completely optional.  However, if you don't use it, you'll
# see warning messages in the CGIs about the Nagios process
# not running and you won't be able to execute any commands from
# the web interface.  The program should follow the same rules
# as plugins; the return codes are the same as for the plugins,
# it should have timeout protection, it should output something
# to STDIO, etc.
#
# Note: The command line for the check_nagios plugin below may
# have to be tweaked a bit, as different versions of the plugin
# use different command line arguments/syntaxes.

nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios3/status.dat 5 '/usr/sbin/nagios3'


# AUTHENTICATION USAGE
# This option controls whether or not the CGIs will use any
# authentication when displaying host and service information, as
# well as committing commands to Nagios for processing.
#
# Read the HTML documentation to learn how the authorization works!
#
# NOTE: It is a really *bad* idea to disable authorization, unless
# you plan on removing the command CGI (cmd.cgi)!  Failure to do
# so will leave you wide open to kiddies messing with Nagios and
# possibly hitting you with a denial of service attack by filling up
# your drive by continuously writing to your command file!
#
# Setting this value to 0 will cause the CGIs to *not* use
# authentication (bad idea), while any other value will make them
# use the authentication functions (the default).

use_authentication=1




# x509 CERT AUTHENTICATION
# When enabled, this option allows you to use x509 cert (SSL)
# authentication in the CGIs.  This is an advanced option and should
# not be enabled unless you know what you're doing.

use_ssl_authentication=0




# DEFAULT USER
# Setting this variable will define a default user name that can
# access pages without authentication.  This allows people within a
# secure domain (i.e., behind a firewall) to see the current status
# without authenticating.  You may want to use this to avoid basic
# authentication if you are not using a secure server since basic
# authentication transmits passwords in the clear.
#
# Important:  Do not define a default username unless you are
# running a secure web server and are sure that everyone who has
# access to the CGIs has been authenticated in some manner!  If you
# define this variable, anyone who has not authenticated to the web
# server will inherit all rights you assign to this user!

#default_user_name=guest



# SYSTEM/PROCESS INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# have access to viewing the Nagios process information as
# provided by the Extended Information CGI (extinfo.cgi).  By
# default, *no one* has access to this unless you choose to
# not use authorization.  You may use an asterisk (*) to
# authorize any user who has authenticated to the web server.

authorized_for_system_information=buee



# CONFIGURATION INFORMATION ACCESS
# This option is a comma-delimited list of all usernames that
# can view ALL configuration information (hosts, commands, etc).
# By default, users can only view configuration information
# for the hosts and services they are contacts for. You may use
# an asterisk (*) to authorize any user who has authenticated
# to the web server.

authorized_for_configuration_information=buee



# SYSTEM/PROCESS COMMAND ACCESS
# This option is a comma-delimited list of all usernames that
# can issue shutdown and restart commands to Nagios via the
# command CGI (cmd.cgi).  Users in this list can also change
# the program mode to active or standby. By default, *no one*
# has access to this unless you choose to not use authorization.
# You may use an asterisk (*) to authorize any user who has
# authenticated to the web server.

authorized_for_system_commands=buee



# GLOBAL HOST/SERVICE VIEW ACCESS
# These two options are comma-delimited lists of all usernames that
# can view information for all hosts and services that are being
# monitored.  By default, users can only view information
# for hosts or services that they are contacts for (unless you
# you choose to not use authorization). You may use an asterisk (*)
# to authorize any user who has authenticated to the web server.


authorized_for_all_services=buee
authorized_for_all_hosts=buee



# GLOBAL HOST/SERVICE COMMAND ACCESS
# These two options are comma-delimited lists of all usernames that
# can issue host or service related commands via the command
# CGI (cmd.cgi) for all hosts and services that are being monitored.
# By default, users can only issue commands for hosts or services
# that they are contacts for (unless you you choose to not use
# authorization).  You may use an asterisk (*) to authorize any
# user who has authenticated to the web server.

authorized_for_all_service_commands=buee
authorized_for_all_host_commands=buee



# READ-ONLY USERS
# A comma-delimited list of usernames that have read-only rights in
# the CGIs.  This will block any service or host commands normally shown
# on the extinfo CGI pages.  It will also block comments from being shown
# to read-only users.

#authorized_for_read_only=user1,user2




# STATUSMAP BACKGROUND IMAGE
# This option allows you to specify an image to be used as a
# background in the statusmap CGI.  It is assumed that the image
# resides in the HTML images path (i.e. /usr/local/nagios/share/images).
# This path is automatically determined by appending "/images"
# to the path specified by the 'physical_html_path' directive.
# Note:  The image file may be in GIF, PNG, JPEG, or GD2 format.
# However, I recommend that you convert your image to GD2 format
# (uncompressed), as this will cause less CPU load when the CGI
# generates the image.

#statusmap_background_image=smbackground.gd2




# STATUSMAP TRANSPARENCY INDEX COLOR
# These options set the r,g,b values of the background color used the statusmap CGI,
# so normal browsers that can't show real png transparency set the desired color as
# a background color instead (to make it look pretty).
# Defaults to white: (R,G,B) = (255,255,255).

#color_transparency_index_r=255
#color_transparency_index_g=255
#color_transparency_index_b=255




# DEFAULT STATUSMAP LAYOUT METHOD
# This option allows you to specify the default layout method
# the statusmap CGI should use for drawing hosts.  If you do
# not use this option, the default is to use user-defined
# coordinates.  Valid options are as follows:
#       0 = User-defined coordinates
#       1 = Depth layers
#       2 = Collapsed tree
#       3 = Balanced tree
#       4 = Circular
#       5 = Circular (Marked Up)

default_statusmap_layout=5



# DEFAULT STATUSWRL LAYOUT METHOD
# This option allows you to specify the default layout method
# the statuswrl (VRML) CGI should use for drawing hosts.  If you
# do not use this option, the default is to use user-defined
# coordinates.  Valid options are as follows:
#       0 = User-defined coordinates
#       2 = Collapsed tree
#       3 = Balanced tree
#       4 = Circular

default_statuswrl_layout=4



# STATUSWRL INCLUDE
# This option allows you to include your own objects in the
# generated VRML world.  It is assumed that the file
# resides in the HTML path (i.e. /usr/local/nagios/share).

#statuswrl_include=myworld.wrl



# PING SYNTAX
# This option determines what syntax should be used when
# attempting to ping a host from the WAP interface (using
# the statuswml CGI.  You must include the full path to
# the ping binary, along with all required options.  The
# $HOSTADDRESS$ macro is substituted with the address of
# the host before the command is executed.
# Please note that the syntax for the ping binary is
# notorious for being different on virtually ever *NIX
# OS and distribution, so you may have to tweak this to
# work on your system.

ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$



# REFRESH RATE
# This option allows you to specify the refresh rate in seconds
# of various CGIs (status, statusmap, extinfo, and outages).

refresh_rate=30

# DEFAULT PAGE LIMIT
# This option allows you to specify the default number of results
# displayed on the status.cgi.  This number can be adjusted from
# within the UI after the initial page load. Setting this to 0
# will show all results.

result_limit=100


# ESCAPE HTML TAGS
# This option determines whether HTML tags in host and service
# status output is escaped in the web interface.  If enabled,
# your plugin output will not be able to contain clickable links.

escape_html_tags=1




# SOUND OPTIONS
# These options allow you to specify an optional audio file
# that should be played in your browser window when there are
# problems on the network.  The audio files are used only in
# the status CGI.  Only the sound for the most critical problem
# will be played.  Order of importance (higher to lower) is as
# follows: unreachable hosts, down hosts, critical services,
# warning services, and unknown services. If there are no
# visible problems, the sound file optionally specified by
# 'normal_sound' variable will be played.
#
#
# <varname>=<sound_file>
#
# Note: All audio files must be placed in the /media subdirectory
# under the HTML path (i.e. /usr/local/nagios/share/media/).

#host_unreachable_sound=hostdown.wav
#host_down_sound=hostdown.wav
#service_critical_sound=critical.wav
#service_warning_sound=warning.wav
#service_unknown_sound=warning.wav
#normal_sound=noproblem.wav



# URL TARGET FRAMES
# These options determine the target frames in which notes and
# action URLs will open.

action_url_target=_blank
notes_url_target=_blank




# LOCK AUTHOR NAMES OPTION
# This option determines whether users can change the author name
# when submitting comments, scheduling downtime.  If disabled, the
# author names will be locked into their contact name, as defined in Nagios.
# Values: 0 = allow editing author names
#         1 = lock author names (disallow editing)

lock_author_names=1




# SPLUNK INTEGRATION OPTIONS
# These options allow you to enable integration with Splunk
# in the web interface.  If enabled, you'll be presented with
# "Splunk It" links in various places in the CGIs (log file,
# alert history, host/service detail, etc).  Useful if you're
# trying to research why a particular problem occurred.
# For more information on Splunk, visit http://www.splunk.com/

# This option determines whether the Splunk integration is enabled
# Values: 0 = disable Splunk integration
#         1 = enable Splunk integration

#enable_splunk_integration=1


# This option should be the URL used to access your instance of Splunk

#splunk_url=http://127.0.0.1:8000/

And the nagios.conf file for Apache2:

Code: Select all

# apache configuration for nagios 3.x
# note to users of nagios 1.x and 2.x:
#       throughout this file are commented out sections which preserve
#       backwards compatibility with bookmarks/config for older nagios versios.
#       simply look for lines following "nagios 1.x:" and "nagios 2.x" comments.

ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3
ScriptAlias /nagios3/cgi-bin /usr/lib/cgi-bin/nagios3
# nagios 1.x:
#ScriptAlias /cgi-bin/nagios /usr/lib/cgi-bin/nagios3
#ScriptAlias /nagios/cgi-bin /usr/lib/cgi-bin/nagios3
# nagios 2.x:
#ScriptAlias /cgi-bin/nagios2 /usr/lib/cgi-bin/nagios3
#ScriptAlias /nagios2/cgi-bin /usr/lib/cgi-bin/nagios3

# Where the stylesheets (config files) reside
Alias /nagios3/stylesheets /etc/nagios3/stylesheets
# nagios 1.x:
#Alias /nagios/stylesheets /etc/nagios3/stylesheets
# nagios 2.x:
#Alias /nagios2/stylesheets /etc/nagios3/stylesheets

# Where the HTML pages live
Alias /nagios3 /usr/share/nagios3/htdocs
# nagios 2.x:
#Alias /nagios2 /usr/share/nagios3/htdocs
# nagios 1.x:
#Alias /nagios /usr/share/nagios3/htdocs

<DirectoryMatch (/usr/share/nagios3/htdocs|/usr/lib/cgi-bin/nagios3|/etc/nagios3/stylesheets)>
        Options FollowSymLinks

        DirectoryIndex index.php index.html

        AllowOverride AuthConfig


    <IfVersion < 2.3>
        Order Allow,Deny
        Allow From All
    </IfVersion>

    <IfVersion >= 2.3>
        Require all denied
    </IfVersion>

        AuthName "Nagios Access"
        AuthType Basic
        AuthUserFile /etc/nagios3/htpasswd.users
        # nagios 1.x:
        #AuthUserFile /etc/nagios/htpasswd.users
        require valid-user
</DirectoryMatch>

<Directory /usr/share/nagios3/htdocs>
        Options +ExecCGI
</Directory>

# Enable this ScriptAlias if you want to enable the grouplist patch.
# See http://apan.sourceforge.net/download.html for more info
# It allows you to see a clickable list of all hostgroups in the
# left pane of the Nagios web interface
# XXX This is not tested for nagios 2.x use at your own peril
#ScriptAlias /nagios3/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi
# nagios 1.x:
#ScriptAlias /nagios/side.html /usr/lib/cgi-bin/nagios3/grouplist.cgi

[buee]

Was the nagiosadmin login account removed from the system?

Honestly, I don't know. This system has been running for a long time.

[tgriep]

Everything looks good in the configuration files.

Run these as root and post the output to the ticket.

Code: Select all

ls -l /usr/lib/cgi-bin/nagios3
dpkg -l |grep php

Run this to tail the apache logs.

Code: Select all

tail -f /var/log/apache2/*.log

Open your browser and clear out it's cache and login to the Nagios server.
Do to the Services page and if the message is displayed, post the full output of the tail command.

[buee]

Everything looks good in the configuration files.

Run these as root and post the output to the ticket.

Code: Select all

ls -l /usr/lib/cgi-bin/nagios3
dpkg -l |grep php

Run this to tail the apache logs.

Code: Select all

tail -f /var/log/apache2/*.log

Open your browser and clear out it's cache and login to the Nagios server.
Do to the Services page and if the message is displayed, post the full output of the tail command.

Code: Select all

root@nms:/etc/nagios3# ls -l /usr/lib/cgi-bin/nagios3
total 4012
-rwxr-xr-x 1 nagios www-data 292944 Jun  6  2017 avail.cgi
-rwxr-xr-x 1 nagios www-data 287416 Jun  6  2017 cmd.cgi
-rwxr-xr-x 1 nagios www-data 260088 Jun  6  2017 config.cgi
-rwxr-xr-x 1 nagios www-data 305192 Jun  6  2017 extinfo.cgi
-rwxr-xr-x 1 nagios www-data 251992 Jun  6  2017 histogram.cgi
-rwxr-xr-x 1 nagios www-data 231464 Jun  6  2017 history.cgi
-rwxr-xr-x 1 nagios www-data 227368 Jun  6  2017 notifications.cgi
-rwxr-xr-x 1 nagios www-data 223232 Jun  6  2017 outages.cgi
-rwxr-xr-x 1 nagios www-data 223240 Jun  6  2017 showlog.cgi
-rwxr-xr-x 1 nagios www-data 305200 Jun  6  2017 status.cgi
-rwxr-xr-x 1 nagios www-data 247872 Jun  6  2017 statusmap.cgi
-rwxr-xr-x 1 nagios www-data 243760 Jun  6  2017 statuswml.cgi
-rwxr-xr-x 1 nagios www-data 227376 Jun  6  2017 statuswrl.cgi
-rwxr-xr-x 1 nagios www-data 251992 Jun  6  2017 summary.cgi
-rwxr-xr-x 1 nagios www-data 239704 Jun  6  2017 tac.cgi
-rwxr-xr-x 1 nagios www-data 256088 Jun  6  2017 trends.cgi

Code: Select all

root@nms:/etc/nagios3# dpkg -l | grep php
ii  libapache2-mod-php                    2:7.4+72+ubuntu16.04.1+deb.sury.org+1                    all          server-side, HTML-embedded scripting language (Apache 2 module) (default)
ii  libapache2-mod-php7.3                 7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        server-side, HTML-embedded scripting language (Apache 2 module)
ii  libapache2-mod-php7.4                 7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        server-side, HTML-embedded scripting language (Apache 2 module)
ii  php-cli                               2:7.4+72+ubuntu16.04.1+deb.sury.org+1                    all          command-line interpreter for the PHP scripting language (default)
ii  php-cli-prompt                        1.0.1+dfsg-1build1                                       all          tiny helper prompting for user input
ii  php-common                            2:72+ubuntu16.04.1+deb.sury.org+1                        all          Common files for PHP packages
ii  php-composer-semver                   1.2.0-1build1                                            all          Semver library that offers utilities, version constraint parsing and
ii  php-composer-spdx-licenses            1.1.2-1build1                                            all          SPDX licenses list and validation library
ii  php-gd                                2:7.4+72+ubuntu16.04.1+deb.sury.org+1                    all          GD module for PHP [default]
ii  php-gettext                           1.0.11-2+deb.sury.org~xenial+1                           all          read gettext MO files directly, without requiring anything other than PHP
ii  php-json-schema                       1.6.1-1build1                                            all          implementation of JSON schema
ii  php-mbstring                          2:7.4+72+ubuntu16.04.1+deb.sury.org+1                    all          MBSTRING module for PHP [default]
ii  php-mysql                             2:7.4+72+ubuntu16.04.1+deb.sury.org+1                    all          MySQL module for PHP [default]
ii  php-pear                              1:1.10.8+submodules+notgz-1+ubuntu16.04.1+deb.sury.org+1 all          PEAR Base System
ii  php-phpseclib                         2.0.1-1build1                                            all          implementations of an arbitrary-precision integer arithmetic library
ii  php-symfony-console                   2.7.10-0ubuntu2                                          all          run tasks from the command line
ii  php-symfony-filesystem                2.7.10-0ubuntu2                                          all          basic filesystem utilities
ii  php-symfony-finder                    2.7.10-0ubuntu2                                          all          find files and directories
ii  php-symfony-process                   2.7.10-0ubuntu2                                          all          execute commands in sub-processes
ii  php-tcpdf                             6.0.093+dfsg-1ubuntu1                                    all          PHP class for generating PDF files on-the-fly
ii  php-xml                               2:7.4+72+ubuntu16.04.1+deb.sury.org+1                    all          DOM, SimpleXML, WDDX, XML, and XSL module for PHP [default]
ii  php7.3-bz2                            7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        bzip2 module for PHP
ii  php7.3-cli                            7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        command-line interpreter for the PHP scripting language
ii  php7.3-common                         7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        documentation, examples and common module for PHP
ii  php7.3-curl                           7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        CURL module for PHP
ii  php7.3-gd                             7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        GD module for PHP
ii  php7.3-json                           7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        JSON module for PHP
ii  php7.3-mbstring                       7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        MBSTRING module for PHP
ii  php7.3-mysql                          7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        MySQL module for PHP
ii  php7.3-opcache                        7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        Zend OpCache module for PHP
ii  php7.3-readline                       7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        readline module for PHP
ii  php7.3-xml                            7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        DOM, SimpleXML, WDDX, XML, and XSL module for PHP
ii  php7.3-zip                            7.3.14-1+ubuntu16.04.1+deb.sury.org+1                    amd64        Zip module for PHP
ii  php7.4-cli                            7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        command-line interpreter for the PHP scripting language
ii  php7.4-common                         7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        documentation, examples and common module for PHP
ii  php7.4-gd                             7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        GD module for PHP
ii  php7.4-json                           7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        JSON module for PHP
ii  php7.4-mbstring                       7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        MBSTRING module for PHP
ii  php7.4-mysql                          7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        MySQL module for PHP
ii  php7.4-opcache                        7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        Zend OpCache module for PHP
ii  php7.4-readline                       7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        readline module for PHP
ii  php7.4-xml                            7.4.2-1+ubuntu16.04.1+deb.sury.org+2                     amd64        DOM, SimpleXML, XML, and XSL module for PHP
ii  phpmyadmin                            4:4.5.4.1-2ubuntu2.1

And the logs output:

Code: Select all

root@nms:/etc/nagios3# tail -f /var/log/apache2/*.log
==> /var/log/apache2/access.log <==
127.0.0.1 - - [29/Jan/2020:15:11:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:16:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:21:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:26:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:31:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:36:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:41:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:46:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:51:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"
127.0.0.1 - - [29/Jan/2020:15:56:56 -0600] "GET / HTTP/1.1" 200 11595 "-" "check_http/v2.1.2 (monitoring-plugins 2.1.2)"

==> /var/log/apache2/error.log <==
[Wed Jan 29 06:25:15.080755 2020] [mpm_prefork:notice] [pid 26568] AH00163: Apache/2.4.18 (Ubuntu) configured -- resuming normal operations
[Wed Jan 29 06:25:15.080789 2020] [core:notice] [pid 26568] AH00094: Command line: '/usr/sbin/apache2'

==> /var/log/apache2/other_vhosts_access.log <==
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:16:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140643 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:21:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140649 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:26:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140647 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:31:06 -0600] "HEAD /poke HTTP/1.1" 204 901 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:31:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140644 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:36:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140645 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:41:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140655 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:46:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140645 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:51:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140629 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:15:56:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140637 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:16:01:06 -0600] "HEAD /poke HTTP/1.1" 204 907 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"
nms.buee.com:80 192.168.10.56 - - [29/Jan/2020:16:01:06 -0600] "POST /ajax/table/device HTTP/1.1" 200 140635 "http://nms.buee.com/devices" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36"

Interesting observation there, I'm accessing via http://192.168.10.176/nagios3/ yet the domain name shows up in the logs. That domain isn't "real", it's a custom hostname I have in PiHole for convenience purposes. I vaguely remember possibly having to provide a hostname for LibreNMS as well (runs on the same server).

[tgriep]

I would bet the PiHole is the issue as it is passing the IP address on as a bad host name.
Remove it or fix it to only pass the IP address and check the Apache Logs again if it fails.

[buee]

I would bet the PiHole is the issue as it is passing the IP address on as a bad host name.
Remove it or fix it to only pass the IP address and check the Apache Logs again if it fails.

I think we've eliminated the PiHole possibility. It's been disabled for about 12 hours and the hostname was removed from it, gravity.sh run afterwards, verified with dig that the hostname no longer returns as it used to. Still can't get Nagios to load. I tried from a VM that's never even pulled up the web page to eliminate browser and DNS cache as well. I got to thinking about it and realized a couple things:

• The appearance of the hostname in that file is normal. The /var/log/apache2/other_vhosts_access.log file is a catchall for undefined virtualhosts, that including LibreNMS and the hostname I was using
• I'm not actually sure where Nagios should be sending its Apache related logs. When I access the web page, there didn't appear to be a new entry in any of the log output that I sent.

So I got to thinking about verifying where Nagios is throwing the web access/error logs. I can't figure it out. It appears the source files are at /usr/share/nagios3/htdocs. But I have yet to find a reference or alias to that path in any of the .conf files I've been able to locate. I changed the AuthName in /etc/nagios3/apache2.conf, restarted both Apache and Nagios, but the Auth Name didn't change. I figure if I can find the virtualhost configuration file that is actually used, I could verify log paths. The quest continues...

[buee]

The web files for Nagios appear to all be owned by root....that seems off to me:

Code: Select all

ls -alh /usr/share/nagios3/htdocs/
total 60K
drwxr-xr-x 8 root root 4.0K Jun 12  2019 .
drwxr-xr-x 5 root root 4.0K Jun 12  2019 ..
-rw-r--r-- 1 root root  549 Jun  6  2017 config.inc.php
drwxr-xr-x 2 root root 4.0K Jun 12  2019 contexthelp
drwxr-xr-x 3 root root 4.0K Jun 12  2019 images
drwxr-xr-x 2 root root 4.0K Jun 12  2019 includes
-rw-r--r-- 1 root root 1.7K Jun  6  2017 index.php
drwxr-xr-x 2 root root 4.0K Jun 12  2019 js
-rw-r--r-- 1 root root 4.3K Jun  6  2017 main.php
drwxr-xr-x 2 root root 4.0K Jun  6  2017 media
-rw-r--r-- 1 root root   26 Jun  6  2017 robots.txt
-rw-r--r-- 1 root root 5.7K Jun  6  2017 side.php
drwxr-xr-x 2 root root 4.0K Jun  6  2017 ssi

[tgriep]

As long as the files are readable by anyone, the files being owned by root is OK.

It has to be an Apache issue. The output you have provided did not show and output for running the status.cgi script.
Below is what I see when clicking on the Services menu in the GUI.

192.168.5.223 - nagiosadmin [30/Jan/2020:08:27:45 -0600] "GET /cgi-bin/nagios3/status.cgi?host=all HTTP/1.1" 200 2987 "http://192.168.0.174/nagios3/side.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0"

It seems that something is blocking the access to the cgi-bin folder so the next place to look is the other Apache Config files.
Verify the files and links are valid in the /etc/apache2 folder.

Or the Apache PHP modules have changes and not allowing the side.php script to run the cgi.

[buee]

As long as the files are readable by anyone, the files being owned by root is OK.

It has to be an Apache issue. The output you have provided did not show and output for running the status.cgi script.
Below is what I see when clicking on the Services menu in the GUI.

192.168.5.223 - nagiosadmin [30/Jan/2020:08:27:45 -0600] "GET /cgi-bin/nagios3/status.cgi?host=all HTTP/1.1" 200 2987 "http://192.168.0.174/nagios3/side.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0"

It seems that something is blocking the access to the cgi-bin folder so the next place to look is the other Apache Config files.
Verify the files and links are valid in the /etc/apache2 folder.

Or the Apache PHP modules have changes and not allowing the side.php script to run the cgi.

Ok, I'll take a look at all the Apache and PHP configurations. I know I've had to lock apt to PHP7.3 because of some incompatibilities (not with Nagios) with PHP7.4. That's pretty much the only change I've made in the last ~2 years that could possibly affect Nagios. Thanks for all the help so far! I'll report back if/when I find something.