Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

(null) attacks

https://support.nagios.com/forum/viewtopic.php?t=11718

Page 2 of 2

Re: (null) attacks

Posted: Sun Sep 22, 2013 7:24 am
by grimsniffer
In order:

1. I very much doubt this is a perl issue. 100% of my plugins are perl based, but when I run the same plugins exactly (copy-paste, adjusting for resource/host variables, from the configuration) from the command line while this is happening, all is well.
2. I just checked - no segfaults while this happened.
3. I would definitely consider upgrading if I was absolutely sure this would solve the problem. Otherwise, seeing as this is a production environment, I'd rather not tinker with it too much potentially needlessly.

Regarding IO - there actually could be something there. I set up a monitor for this on the localhost (silly me, I monitor this everywhere else, but not on good ol' 127.0.0.1)... I'll wait for this to happen again, correlate and update here. I remember tinkering with moving some temp data into the RAM and having some trouble with it (mostly GUI trouble, pages not rendering properly, etc.) - but if this is indeed the problem, I'll delve deeper into it.

Thanks for the suggestions! I promise to keep you all posted.

Re: (null) attacks

Posted: Mon Sep 23, 2013 9:29 am
by sreinhardt
the only other thing, off the top of my head, would be per user process\thread limits, especially since you can run these via root or another user when you log in. Let's just check the current limits when you have a chance.

Code: Select all

ulimit -a

Re: (null) attacks

Posted: Sun Oct 27, 2013 7:27 am
by grimsniffer
Okay - I think I found the problem.
I say "think", because this is one of those "it makes sense, but I don't have hard-proof yet" things.

I was looking at the kernel thread limit, which is indeed ~140k - however, I did not look at the per-user pending signals limit, which is about 70K - which (as you can see in the graph on the first page of this thread) is (more or less) the number of threads at which I crash.
I doubled that number to 140K, and I sincerely hope it'll do the trick.

Thanks for all the help, you've got a great forum here!

Re: (null) attacks

Posted: Mon Oct 28, 2013 9:14 am
by slansing
Great! Let us know what the results are!!

Re: (null) attacks

Posted: Wed May 28, 2014 3:50 am
by grimsniffer
The better part of a year has passed and there was no occurrence, so I can safely say this solved my problem.

In case someone happens upon this thread, please see this page for the jist of it:
http://www.unixarena.com/2013/12/how-to ... edhat.html

Re: (null) attacks

Posted: Wed May 28, 2014 9:22 am
by tmcdonald
Thanks for coming back and letting us know! I remember this thread from my first few weeks here, so it's cool to see it's working out alright now.

I'd like to put this thread to rest, so if you need anything else just let us know.
All times are UTC-05:00
Page 2 of 2

Powered by phpBB® Forum Software © phpBB Limited