Support for Nagios products and services
https://support.nagios.com/forum/
Code: Select all
service crond restart
ps -ef | grep cron
chage nagios -l
tail -50 /var/log/cronHi..lmiltchev wrote:Can cron run as nagios? Run the following commands and show us the output:
Code: Select all
service crond restart ps -ef | grep cron chage nagios -l tail -50 /var/log/cron
Code: Select all
[root@lussvpnagiosxi00 ~]# service crond restart
Stopping crond: [ OK ]
Starting crond: [ OK ]
Code: Select all
[root@lussvpnagiosxi00 ~]# ps -ef | grep cron
root 9815 1 27 00:14 ? 00:00:01 crond
root 9837 5882 0 00:14 pts/1 00:00:00 grep cron
Code: Select all
[root@lussvpnagiosxi00 ~]# chage nagios -l
Last password change : Jun 17, 2015
Password expires : Sep 15, 2015
Password inactive : never
Account expires : never
Minimum number of days between password change : 7
Maximum number of days between password change : 90
Number of days of warning before password expires : 7
Code: Select all
[root@lussvpnagiosxi00 ~]# tail -50 /var/log/cron
Sep 23 00:09:01 lussvpnagiosxi00 crond[8579]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:09:01 lussvpnagiosxi00 crond[8572]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8789]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8794]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8792]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8793]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8790]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8788]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8797]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8795]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 crond[8791]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:10:01 lussvpnagiosxi00 CROND[8811]: (root) CMD (LANG=C LC_ALL=C /usr/bin/mrtg /etc/mrtg/mrtg.cfg --lock-file /var/lock/mrtg/mrtg_l --confcache-file /var/lib/mrtg/mrtg.ok)
Sep 23 00:10:01 lussvpnagiosxi00 CROND[8812]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9017]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9019]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9022]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9024]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9018]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9020]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9023]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:11:01 lussvpnagiosxi00 crond[9021]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9227]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9226]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9229]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9230]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9232]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9225]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9228]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:12:01 lussvpnagiosxi00 crond[9231]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9443]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9442]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9445]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9446]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9447]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9444]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9441]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:13:01 lussvpnagiosxi00 crond[9448]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9671]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9668]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9666]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9667]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9670]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9673]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9672]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:01 lussvpnagiosxi00 crond[9669]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 00:14:36 lussvpnagiosxi00 crond[9815]: (CRON) STARTUP (1.4.4)
Sep 23 00:14:36 lussvpnagiosxi00 crond[9815]: (CRON) INFO (RANDOM_DELAY will be scaled with factor 83% if used.)
Sep 23 00:14:37 lussvpnagiosxi00 crond[9815]: (CRON) INFO (running with inotify support)
Sep 23 00:14:37 lussvpnagiosxi00 crond[9815]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
You need to allow cron to run as nagios (not only as root)... Modify your PAM settings. The "ps" output would normally show the nagios cron jobs running, i.e.:Sep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Code: Select all
ps -ef | grep cron
root 1625 1 0 Sep14 ? 00:00:18 crond
nagios 20816 20814 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php > /usr/local/nagiosxi/var/cmdsubsys.log 2>&1
nagios 20817 20812 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php > /usr/local/nagiosxi/var/feedproc.log 2>&1
nagios 20819 20808 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php > /usr/local/nagiosxi/var/cleaner.log 2>&1
nagios 20820 20813 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php > /usr/local/nagiosxi/var/eventman.log 2>&1
nagios 20821 20815 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php > /usr/local/nagiosxi/var/sysstat.log 2>&1
nagios 20822 20816 4 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php
nagios 20823 20811 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php > /usr/local/nagiosxi/var/perfdataproc.log 2>&1
nagios 20824 20817 5 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php
nagios 20825 20820 7 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php
nagios 20826 20821 5 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php
nagios 20829 20819 9 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php
nagios 20830 20823 4 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php
root 20928 18009 0 10:07 pts/2 00:00:00 grep cronYou can remove the password on nagios user by running:Password expires : Sep 15, 2015
Code: Select all
chage -I -1 -m -1 -E -1 nagiosHi..lmiltchev wrote:Here's your issue:
You need to allow cron to run as nagios (not only as root)... Modify your PAM settings. The "ps" output would normally show the nagios cron jobs running, i.e.:Sep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Is your nagios password expired?Code: Select all
ps -ef | grep cron root 1625 1 0 Sep14 ? 00:00:18 crond nagios 20816 20814 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php > /usr/local/nagiosxi/var/cmdsubsys.log 2>&1 nagios 20817 20812 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php > /usr/local/nagiosxi/var/feedproc.log 2>&1 nagios 20819 20808 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php > /usr/local/nagiosxi/var/cleaner.log 2>&1 nagios 20820 20813 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php > /usr/local/nagiosxi/var/eventman.log 2>&1 nagios 20821 20815 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php > /usr/local/nagiosxi/var/sysstat.log 2>&1 nagios 20822 20816 4 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php nagios 20823 20811 0 10:07 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php > /usr/local/nagiosxi/var/perfdataproc.log 2>&1 nagios 20824 20817 5 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php nagios 20825 20820 7 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php nagios 20826 20821 5 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php nagios 20829 20819 9 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cleaner.php nagios 20830 20823 4 10:07 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php root 20928 18009 0 10:07 pts/2 00:00:00 grep cronYou can remove the password on nagios user by running:Password expires : Sep 15, 2015Code: Select all
chage -I -1 -m -1 -E -1 nagios
Could you please let me know how can I make it run using Nagios user tooSep 23 00:10:01 lussvpnagiosxi00 crond[8796]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Code: Select all
chage -I -1 -m -1 -E -1 nagiosCode: Select all
tail -10 /var/log/cron
Sep 23 15:22:53 lussvpnagiosxi00 crond[27787]: (CRON) INFO (@reboot jobs will be run at computer's startup.)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27833]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27831]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27828]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27829]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27832]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27830]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27827]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Sep 23 15:23:01 lussvpnagiosxi00 crond[27834]: (nagios) FAILED to authorize user with PAM (Authentication token is no longer valid; new one required)
Code: Select all
chage nagios -l
ps -ef | grep cron
Hi Please find the outputlmiltchev wrote:Can you run the following commands again and show the output?
It seems to me that someone has modified PAM. You will need to talk to whoever "hardened" the box as modifying PAM is out of the scope of Nagios support. I would recommend checking the "Code: Select all
chage nagios -l ps -ef | grep cron" and "/etc/security/access.conf" files. Do you have "/etc/cron.allow" or "/etc/cron.deny" on this box?Code: Select all
/etc/pam.d/crond
Code: Select all
[root@lussvpnagiosxi00 ~]# chage nagios -l
Last password change : Jun 17, 2015
Password expires : Sep 15, 2015
Password inactive : never
Account expires : never
Minimum number of days between password change : -1
Maximum number of days between password change : 90
Number of days of warning before password expires : 7
Code: Select all
[root@lussvpnagiosxi00 ~]# ps -ef | grep cron
root 22231 22144 0 22:00 pts/1 00:00:00 grep cron
root 27787 1 0 15:22 ? 00:00:03 crond
Code: Select all
[root@lussvpnagiosxi00 pam.d]# cat crond
#
# The PAM configuration file for the cron daemon
#
#
# No PAM authentication called, auth modules not needed
account required pam_access.so
account include password-auth
session required pam_loginuid.so
session include password-auth
auth include password-auth
Code: Select all
[root@lussvpnagiosxi00 pam.d]# cat /etc/security/access.conf
# Login access control table.
#
# Comment line must start with "#", no space at front.
# Order of lines is important.
#
# When someone logs in, the table is scanned for the first entry that
# matches the (user, host) combination, or, in case of non-networked
# logins, the first entry that matches the (user, tty) combination. The
# permissions field of that table entry determines whether the login will
# be accepted or refused.
#
# Format of the login access control table is three fields separated by a
# ":" character:
#
# [Note, if you supply a 'fieldsep=|' argument to the pam_access.so
# module, you can change the field separation character to be
# '|'. This is useful for configurations where you are trying to use
# pam_access with X applications that provide PAM_TTY values that are
# the display variable like "host:0".]
#
# permission : users : origins
#
# The first field should be a "+" (access granted) or "-" (access denied)
# character.
#
# The second field should be a list of one or more login names, group
# names, or ALL (always matches). A pattern of the form user@host is
# matched when the login name matches the "user" part, and when the
# "host" part matches the local machine name.
#
# The third field should be a list of one or more tty names (for
# non-networked logins), host names, domain names (begin with "."), host
# addresses, internet network numbers (end with "."), ALL (always
# matches), NONE (matches no tty on non-networked logins) or
# LOCAL (matches any string that does not contain a "." character).
#
# You can use @netgroupname in host or user patterns; this even works
# for @usergroup@@hostgroup patterns.
#
# The EXCEPT operator makes it possible to write very compact rules.
#
# The group file is searched only when a name does not match that of the
# logged-in user. Both the user's primary group is matched, as well as
# groups in which users are explicitly listed.
# To avoid problems with accounts, which have the same name as a group,
# you can use brackets around group names '(group)' to differentiate.
# In this case, you should also set the "nodefgroup" option.
#
# TTY NAMES: Must be in the form returned by ttyname(3) less the initial
# "/dev" (e.g. tty1 or vc/1)
#
##############################################################################
#
# Disallow non-root logins on tty1
#
#-:ALL EXCEPT root:tty1
#
# Disallow console logins to all but a few accounts.
#
#-:ALL EXCEPT wheel shutdown sync:LOCAL
#
# Same, but make sure that really the group wheel and not the user
# wheel is used (use nodefgroup argument, too):
#
#-:ALL EXCEPT (wheel) shutdown sync:LOCAL
#
# Disallow non-local logins to privileged accounts (group wheel).
#
#-:wheel:ALL EXCEPT LOCAL .win.tue.nl
#
# Some accounts are not allowed to login from anywhere:
#
#-:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL
#
# All other accounts are allowed to login from anywhere.
#
##############################################################################
# All lines from here up to the end are building a more complex example.
##############################################################################
#
# User "root" should be allowed to get access via cron .. tty5 tty6.
#+ : root : cron crond :0 tty1 tty2 tty3 tty4 tty5 tty6
#
# User "root" should be allowed to get access from hosts with ip addresses.
#+ : root : 192.168.200.1 192.168.200.4 192.168.200.9
#+ : root : 127.0.0.1
#
# User "root" should get access from network 192.168.201.
# This term will be evaluated by string matching.
# comment: It might be better to use network/netmask instead.
# The same is 192.168.201.0/24 or 192.168.201.0/255.255.255.0
#+ : root : 192.168.201.
#
# User "root" should be able to have access from domain.
# Uses string matching also.
#+ : root : .foo.bar.org
#
# User "root" should be denied to get access from all other sources.
#- : root : ALL
#
# User "foo" and members of netgroup "nis_group" should be
# allowed to get access from all sources.
# This will only work if netgroup service is available.
#+ : @nis_group foo : ALL
#
# User "john" should get access from ipv4 net/mask
#+ : john : 127.0.0.0/24
#
# User "john" should get access from ipv4 as ipv6 net/mask
#+ : john : ::ffff:127.0.0.0/127
#
# User "john" should get access from ipv6 host address
#+ : john : 2001:4ca0:0:101::1
#
# User "john" should get access from ipv6 host address (same as above)
#+ : john : 2001:4ca0:0:101:0:0:0:1
#
# User "john" should get access from ipv6 net/mask
#+ : john : 2001:4ca0:0:101::/64
#
# All other users should be denied to get access from all sources.
#- : ALL : ALL
Code: Select all
[root@lussvpnagiosxi00 etc]# ls -ltr /etc/cron.allow
-r--------. 1 root root 5 Jul 16 2013 /etc/cron.allow
[root@lussvpnagiosxi00 etc]# ls -ltr /etc/cron.deny
-rw-------. 1 root root 0 Sep 12 2013 /etc/cron.deny
Code: Select all
[root@lussvpnagiosxi00 etc]# cat /etc/cron.allow
root
[root@lussvpnagiosxi00 etc]# cat /etc/cron.deny
[root@lussvpnagiosxi00 etc]#
Code: Select all
Password expires : Sep 15, 2015Code: Select all
Password expires : neverCode: Select all
chage -I -1 -m -1 -E -1 nagiosCode: Select all
chage nagios -lCode: Select all
service crond stop
killall crond
service crond start
Code: Select all
ps -ef | grep cronHi..lmiltchev wrote:For some reason, the password expiration line didn't change after running the command I gave you. You still have:
but you should have:Code: Select all
Password expires : Sep 15, 2015
Did you use "-1" (number one) or "-l" (letter L)? This needs to be a number:Code: Select all
Password expires : never
Try running the above command again and check to see if the password expiration line changed:Code: Select all
chage -I -1 -m -1 -E -1 nagios
Next, try stopping/starting crond again:Code: Select all
chage nagios -l
and check to see if cronjobs are running:Code: Select all
service crond stop killall crond service crond start
If this doesn't resolve your issue, I would recommend contacting your security/admin team. There is no way for us to know what they have changed on the system.Code: Select all
ps -ef | grep cron
Code: Select all
chage -m 0 -M 99999 -I -1 -E -1 nagios
Code: Select all
chage --list nagios
Last password change : Jun 17, 2015
Password expires : never
Password inactive : never
Account expires : never
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7
Code: Select all
[root@lussvpnagiosxi00 ~]# service crond stop
Stopping crond: [ OK ]
[root@lussvpnagiosxi00 ~]# killall crond
[root@lussvpnagiosxi00 ~]# service crond start
Starting crond: [ OK ]
[root@lussvpnagiosxi00 ~]# ps -ef | grep cron
nagios 12882 1 0 08:16 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php > /usr/local/nagiosxi/var/cmdsubsys.log 2>&1
nagios 12883 1 0 08:16 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php > /usr/local/nagiosxi/var/feedproc.log 2>&1
nagios 12885 1 0 08:16 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php > /usr/local/nagiosxi/var/sysstat.log 2>&1
nagios 12886 1 0 08:16 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php > /usr/local/nagiosxi/var/perfdataproc.log 2>&1
nagios 12888 1 0 08:16 ? 00:00:00 /bin/sh -c /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php > /usr/local/nagiosxi/var/eventman.log 2>&1
nagios 12891 12885 0 08:16 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/sysstat.php
nagios 12893 12882 0 08:16 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/cmdsubsys.php
nagios 12894 12888 0 08:16 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/eventman.php
nagios 12895 12886 0 08:16 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/perfdataproc.php
nagios 12896 12883 0 08:16 ? 00:00:00 /usr/bin/php -q /usr/local/nagiosxi/cron/feedproc.php
nagios 13081 12482 0 08:16 ? 00:00:00 /usr/local/nagios/libexec/check_nrpe -H 172.28.45.65 -t 30 -c check_services -a cron
root 13094 1 20 08:16 ? 00:00:01 crond
root 13154 21674 0 08:16 pts/1 00:00:00 grep cron
[root@lussvpnagiosxi00 ~]# service nagios restart
Running configuration check...
Stopping nagios: done.
Starting nagios: done.
