Monitoring devices I can't connect to directly

[sylvesterc]

I need to monitor devices I have no direct access to (in private network, no port forwarding /whatever is allowed from outside).

What is the simplest way to start monitoring such devices with Nagios?

Thank you in advance for explanations.

-- Sylvester

[tmcdonald]

In cases like this you would want to look into passive check results, which is sort of the opposite of active checks. Instead of Nagios checking the host, the host reports back to Nagios.

http://nagios.sourceforge.net/docs/3_0/ ... hecks.html

[sylvesterc]

@tmcdonald, thank you for the link. Indeed, it means using passive checks. However, it also means writing a script every time I need to set up such a monitoring.

I wonder, is it possible to install Nagios within closed network, and instruct it to generate proper command file for outer ("master") Nagios installation?

It could somewhat save time and necessity to re-write the script every time I need change in what I monitor behind the firewall.

-- Sylvester

[falken]

Hi,

You can also use VPN as an option.

I wonder, is it possible to install Nagios within closed network, and instruct it to generate proper command file for outer ("master") Nagios installation?

You can try to use mk_livestatus and export it somewhere (ex. your company ftp) and use this exported status at your main nagios host with thruk or other livestatus frontend.

Cheers.

[sreinhardt]

Opposed to having an internal core engine generate configs, you should be able to push via nrdp or nrds from the inner protected network out to the main nagios system, in much the same way that passive checks work, with the notable exception that you have a full core available in both places! Take a look at distributed monitoring.

[sylvesterc]

Thanks for the responses and links. From what I saw, DNX looks the solution most close to what I need.

[slansing]

If going that route I'd highly recommend using Mod_gearman instead of DNX as DNX has been unsupported and undeveloped for years at this point.

[sylvesterc]

If going that route I'd highly recommend using Mod_gearman instead of DNX as DNX has been unsupported and undeveloped for years at this point.

Looks like a trend - what seemed most convenient goes unsupported. Thank for the recommendation, I'll study it shortly.

-- Sylvester

[tmcdonald]

If going that route I'd highly recommend using Mod_gearman instead of DNX as DNX has been unsupported and undeveloped for years at this point.

Looks like a trend - what seemed most convenient goes unsupported. Thank for the recommendation, I'll study it shortly.

-- Sylvester

Yea, unfortunately that's often the case with some open-source projects. We try to keep with the times and if a third-party project like DNX goes without updates we'll naturally start looking for something like mod_gearman to replace it. While convenience may be an issue (gearman can be a bit touchy) I don't think you'll be disappointed once you get the hang of it.