Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Check for updates using the NCPA agent

https://support.nagios.com/forum/viewtopic.php?t=63945

Page 2 of 4

Re: Check for updates using the NCPA agent

Posted: Tue Nov 30, 2021 4:06 am
by jakai
MONITORME is Linux Ubuntu. This command isnt function :?

Re: Check for updates using the NCPA agent

Posted: Tue Nov 30, 2021 2:31 pm
by pbroste
Hello @jakai

Thanks for following up @gsmith is out of the office today. I see that he had you run the telnet command to verify the ability to connect on port 5693. Sounds like you want to go ahead and verify firewall status rules.

Depending on your distro and what it services are enabled we want to first check to see is 'ufw' (Uncomplicated Firewall) is enabled and configured for your distro.

Code: Select all

ufw status
Depending on the results you can configure your firewall with the 'ufw' or use 'iptables' to open/allow port 5693. Both have plenty of online help man's available to refer to.

Please let us know how things are looking,
Perry

Re: Check for updates using the NCPA agent

Posted: Wed Dec 01, 2021 5:06 am
by jakai
Hello,
I have open port.

Re: Check for updates using the NCPA agent

Posted: Wed Dec 01, 2021 1:12 pm
by pbroste
Hello @jakai

Thanks for following up, with the details we see that port 5693 is allowed and that the 'ncpa_listener' and 'ncpa_passive' services are running on the device receiving the connection request. Please make sure that there are no security applications blocking things, like Selinux or Apparamor.

Verify that the services are 'established':

Code: Select all

ss -p | grep -Ei 'ncpa|5693'
View ports established/listening port for conflicts:

Code: Select all

netstat -an | grep -E '5693'
or

Code: Select all

ss -at
Setting the ncpa.cfg to listen for ipv4: (or manually updating /usr/local/ncpa/etc/ncpa.cfg)

Code: Select all

sed -i 's/#ip = 0.0.0.0/ip = 0.0.0.0/g' /usr/local/ncpa/etc/ncpa.cfg
Then restarting the 'ncpa_listener':

Code: Select all

systemctl restart ncpa_listener
Verify that you are able to connect:

Code: Select all

curl -v telnet://XXX.XXX.XX.XXX:5693
where XXX.XXX.XX.XXX is the IP of the machine you are trying to monitor

If it comes back with:
[root@gs-rhel8-23-84 audit]# curl -v telnet://192.168.23.81:5693
* Rebuilt URL to: telnet://192.168.23.81:5693/
* Trying 192.168.23.81...
* TCP_NODELAY set
* Connected to 192.168.23.81 (192.168.23.81) port 5693 (#0)
then that means we have connectivity. Use ctrl-c to exit out of the curl command.
Or take a look at the route:

Code: Select all

traceroute xxx.xxx.xxx.xxx -p 5693
The example results should look like:
traceroute to xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx), 30 hops max, 60 byte packets
1 xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) 0.216 ms 0.197 ms 0.179 ms
Please let us know how things are looking,
Perry

Re: Check for updates using the NCPA agent

Posted: Mon Dec 06, 2021 7:09 am
by jakai
I did everything according to your procedure. Unfortunately, the problem still persists.

Re: Check for updates using the NCPA agent

Posted: Mon Dec 06, 2021 4:39 pm
by pbroste
Hello @jakai

Thanks for following up with the screenshot, it appears that it is listening for ipv6 address and not a ipv4 address. Let's verify what address your server is associated with to make sure that you are not using a ipv6 internal address.

Code: Select all

ip address
or

Code: Select all

ifconfig
In the previous message I had you set the ncpa config to listen to ipv4 address:
setting the ncpa.cfg to listen for ipv4: (or manually updating /usr/local/ncpa/etc/ncpa.cfg)

Code: Select all

sed -i 's/#ip = 0.0.0.0/ip = 0.0.0.0/g' /usr/local/ncpa/etc/ncpa.cfg
Let's verify that this was updated in the config:

Code: Select all

cat /usr/local/ncpa/etc/ncpa.cfg | grep 'ip ='
The result will look something like this: (red is the line of interest)
# Default: ip = ::
# Default (Windows): ip = 0.0.0.0
ip = 0.0.0.0
Please make the necessary adjustments if needed then restart the service:

Then restarting the 'ncpa_listener':

Code: Select all

systemctl restart ncpa_listener
Thanks,
Perry

Re: Check for updates using the NCPA agent

Posted: Tue Dec 07, 2021 6:34 am
by jakai
I did as you write. The problem still persists.

Re: Check for updates using the NCPA agent

Posted: Tue Dec 07, 2021 5:14 pm
by pbroste
Hello @jakai

Looks like the screenshot may have cut off some, it should not have a "#" in front of the ip = 0.0.0.0

Code: Select all

cat /usr/local/ncpa/etc/ncpa.cfg | grep 'ip ='
Please verify and make the necessary updates if needed and then restart the ncpa_listener.

Thanks,
Perry

Re: Check for updates using the NCPA agent

Posted: Thu Dec 16, 2021 4:39 am
by jakai
I've tried this before. This procedure does not work. :cry: :oops:

Re: Check for updates using the NCPA agent

Posted: Thu Dec 16, 2021 3:05 pm
by pbroste
Hello @jakai

Thanks for following up, and circling back want to go ahead and get the config and logs from you on this so we can see what is going on.

Code: Select all

grep -Eir 'ncpa' /var/log/* > /tmp/ncpatemp.txt && tar -cvf /tmp/ncpainfo.tar.gz /usr/local/ncpa/var/ /usr/local/ncpa/etc/ /tmp/ncpatemp.txt
Let's verify the version:

Code: Select all

/usr/local/nagios/libexec/check_ncpa.py -H yourhostaddresshere -V
Want to get a list:

Code: Select all

/usr/local/nagios/libexec/check_ncpa.py -H yourhostaddresshere -t yourtokenhere --list --verbose
Please [PM] over the '/tmp/ncpainfo.tar.gz' when you get a chance, we will get this dialed in.

Thanks,
Perry
All times are UTC-05:00
Page 2 of 4

Powered by phpBB® Forum Software © phpBB Limited