Hello,
I've been trying to get NCSA working for some time, but it seems really hard to get it running smoothly.
After following the procedure described in http://assets.nagios.com/downloads/nagi ... ith_XI.pdf
This is the content of my ncsa file :
# default: on
# description: NSCA (Nagios Service Check Acceptor)
service nsca
{
flags = REUSE
socket_type = stream
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nsca
server_args = -c /usr/local/nagios/etc/nsca.cfg --inetd
log_on_failure += USERID
disable = no
only_from = xx.xx.18.70 xx.xx.17.27 xx.xx.8.14
}
I installed the NagEventlog software on my WIndows server. The encryption is set to none and the password is correct on the client and server. There is no firewall between the servers or on the servers.
Executing a netstat gives the following result:
[root@server /]# netstat -aunt
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:8022 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5667 0.0.0.0:* LISTEN
...
So it seems to listen on port 5667, but still when trying to do a telnet or executing a test NSCA daemon or even testing with a send_nsca, I always get a "Could not open a connection to host on port 5667"
Any help is very much appreciated. Monitoring Windows event logs is something we reall need. We already ordered the Nagios XI license, I should receive it in about two weeks. I restarted xinetd, the Nagios XI server and the Nagios Eventlog service on the client.
Willem
NSCA connection troubles
NSCA connection troubles
Nagios XI 5.8.1
https://outsideit.net
https://outsideit.net
-
slansing
- Posts: 7698
- Joined: Mon Apr 23, 2012 4:28 pm
- Location: Travelling through time and space...
Re: NSCA connection troubles
So you cannot telnet into that IP with port 5667? Then something on the windows end is blocking that port,
You also need to select the decryption method and password at Admin -> Inbound Transfers, and make sure they match with the NagEventLog settings
Also, be sure that "Enable Listener For Unconfigured Objects" is checked in
Admin -> Performance Settings -> Subsystem Tab
Out of curiosity, what do you currently get with the following from the Nagios server?:
You also need to select the decryption method and password at Admin -> Inbound Transfers, and make sure they match with the NagEventLog settings
Also, be sure that "Enable Listener For Unconfigured Objects" is checked in
Admin -> Performance Settings -> Subsystem Tab
Out of curiosity, what do you currently get with the following from the Nagios server?:
Code: Select all
iptables -LRe: NSCA connection troubles
Thank you very much for trying to help me.
Here is the output from the iptables -L
[root@server ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Telnetting from the WIndows server to the Nagios server gives the following result:
H:\>telnet xx.xx.24.99 5667
Connecting To xx.xx.24.99...Could not open connection to the host, on port 5667:
Connect failed
In the meantime I tried removing the only_from line as I read Nagios should accept nsca from any host and then tried a telnet from another WIndows server, this time 2003 R2. It still gives me a connection failed message..
The Inbound Transfer settings are configured following the Using NSCA with Nagios XI procedure. Password is on the client too in nageventlog. Encryption is set to none. Clicking the button "Test NSCA daemon" gives an error "Could not connect to xx.XX.24.99 on port 5667 (2)" (i have no idea why there is a (2) )
This telnet should work right (as Nagios seems listening)? At least that's what I thought.
There is no firewall on the Windows server, nor between the WIndows and the Nagios server.
Enable Listener For Unconfigured Objects is checked. (apparently by default as I didn't change it.
Here is the output from the iptables -L
[root@server ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Telnetting from the WIndows server to the Nagios server gives the following result:
H:\>telnet xx.xx.24.99 5667
Connecting To xx.xx.24.99...Could not open connection to the host, on port 5667:
Connect failed
In the meantime I tried removing the only_from line as I read Nagios should accept nsca from any host and then tried a telnet from another WIndows server, this time 2003 R2. It still gives me a connection failed message..
The Inbound Transfer settings are configured following the Using NSCA with Nagios XI procedure. Password is on the client too in nageventlog. Encryption is set to none. Clicking the button "Test NSCA daemon" gives an error "Could not connect to xx.XX.24.99 on port 5667 (2)" (i have no idea why there is a (2) )
This telnet should work right (as Nagios seems listening)? At least that's what I thought.
There is no firewall on the Windows server, nor between the WIndows and the Nagios server.
Enable Listener For Unconfigured Objects is checked. (apparently by default as I didn't change it.
Nagios XI 5.8.1
https://outsideit.net
https://outsideit.net
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: NSCA connection troubles
You will need to add the iptables rule to allow port 5667. Instructions can be found here
http://support.nagios.com/forum/viewtop ... =10#p36543
http://support.nagios.com/forum/viewtop ... =10#p36543
Re: NSCA connection troubles
I'm sorry, it says i'm not authorised to view this page. We ordered the XI license, but didn't receive it yet. Can you please copy paste the output in this thread or pm it? Thanks!
Nagios XI 5.8.1
https://outsideit.net
https://outsideit.net
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: NSCA connection troubles
Sorry, didn't realize that was on the customer forum, here's what was in the post
You can modify iptalbes doing the following:
Open the iptables-config in a text editor:
vi /etc/sysconfig/iptables-config
...and change these two lines:
IPTABLES_SAVE_ON_STOP="no"
to:
IPTABLES_SAVE_ON_STOP="yes"
and
IPTABLES_SAVE_ON_RESTART="no"
to:
IPTABLES_SAVE_ON_RESTART="yes"
Save the file and exit.
Run this command:
iptables -I INPUT -p tcp --dport 5667 -j ACCEPT
Check if these rules have been added:
iptables -L -n
Re: NSCA connection troubles
Hello,
Just tested this and telnetting and the nageventlog daemon test works now!
Thanks for the help!
Willem
Just tested this and telnetting and the nageventlog daemon test works now!
Thanks for the help!
Willem
Nagios XI 5.8.1
https://outsideit.net
https://outsideit.net