Page 5 of 6
Re: Possible client issues?
Posted: Mon Apr 22, 2013 3:18 pm
by mobiledataforce
Code: Select all
[modules]
NRPEListener.dll
NSClientListener.dll
CheckWMI.dll
FileLogger.dll
CheckSystem.dll
CheckDisk.dll
CheckEventLog.dll
CheckHelpers.dll
;# NSCLIENT++ MODULES
;# A list with DLLs to load at startup.
; You will need to enable some of these for NSClient++ to work.
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
; * *
; * N O T I C E ! ! ! - Y O U H A V E T O E D I T T H I S *
; * *
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
FileLogger.dll
CheckSystem.dll
CheckDisk.dll
NSClientListener.dll
NRPEListener.dll
SysTray.dll
CheckEventLog.dll
CheckHelpers.dll
CheckWMI.dll
CheckNSCP.dll
;
; Script to check external scripts and/or internal aliases.
;CheckExternalScripts.dll
;
; NSCA Agent if you enable this NSClient++ will talk to NSCA hosts repeatedly (so dont enable unless you want to use NSCA)
;NSCAAgent.dll
;
; LUA script module used to write your own "check deamon".
;LUAScript.dll
;
; RemoteConfiguration IS AN EXTREM EARLY IDEA SO DONT USE FOR PRODUCTION ENVIROMNEMTS!
;RemoteConfiguration.dll
; Check other hosts through NRPE extreme beta and probably a bit dangerous! :)
;NRPEClient.dll
; Extreamly early beta of a task-schedule checker
;CheckTaskSched.dll
[crash]
; Archive crash dump files if a crash is detected
;archive=1
; Submit crash reports to a crash report server (this overrrides archive)
;submit=0
; Restart service if a crash is detected
;restart=1
[Settings]
;# OBFUSCATED PASSWORD
; This is the same as the password option but here you can store the password in an obfuscated manner.
; *NOTICE* obfuscation is *NOT* the same as encryption, someone with access to this file can still figure out the
; password. Its just a bit harder to do it at first glance.
;obfuscated_password=Jw0KAUUdXlAAUwASDAAB
;
;# PASSWORD
; This is the password (-s) that is required to access NSClient remotely. If you leave this blank everyone will be able to access the daemon remotly.
;password=secret-password
;
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to the all daemons.
; If leave this blank anyone can access the deamon remotly (NSClient still requires a valid password).
; The syntax is host or ip/mask so 192.168.0.0/24 will allow anyone on that subnet access
allowed_hosts=0.0.0.0
;
;# USE THIS FILE
; Use the INI file as opposed to the registry if this is 0 and the use_reg in the registry is set to 1
; the registry will be used instead.
use_file=1
allowed_hosts=0.0.0.0
password=PASSWORD
;
; # USE SHARED MEMORY CHANNELS
; This is the "new" way for using the system tray based on an IPC framework on top shared memmory channels and events.
; It is brand new and (probably has bugs) so dont enable this unless for testing!
; If set to 1 shared channels will be created and system tray icons created and such and such...
;shared_session=0
[log]
;# LOG DEBUG
; Set to 1 if you want debug message printed in the log file (debug messages are always printed to stdout when run with -test)
;debug=1
;
;# LOG FILE
; The file to print log statements to
;file=nsclient.log
;
;# LOG DATE MASK
; The format to for the date/time part of the log entry written to file.
;date_mask=%Y-%m-%d %H:%M:%S
;
;# LOG ROOT FOLDER
; The root folder to use for logging.
; exe = the folder where the executable is located
; local-app-data = local application data (probably a better choice then the old default)
;root_folder=exe
[NSClient]
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to NSClient deamon.
; If you leave this blank the global version will be used instead.
allowed_hosts=0.0.0.0
;
;# NSCLIENT PORT NUMBER
; This is the port the NSClientListener.dll will listen to.
port=12489
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to all avalible IP adresses.
;bind_to_address=
;
;# SOCKET TIMEOUT
; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out.
;socket_timeout=30
[NRPE]
;# NRPE PORT NUMBER
; This is the port the NRPEListener.dll will listen to.
port=5666
;
;# COMMAND TIMEOUT
; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing before killing them off.
;command_timeout=60
;
;# COMMAND ARGUMENT PROCESSING
; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.
allow_arguments=1
;
;# COMMAND ALLOW NASTY META CHARS
; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow_nasty_meta_chars=1
;
;# USE SSL SOCKET
; This option controls if SSL should be used on the socket.
;use_ssl=1
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to all avalible IP adresses.
; bind_to_address=
;
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to NRPE deamon.
; If you leave this blank the global version will be used instead.
allowed_hosts=0.0.0.0
;
;# SCRIPT DIRECTORY
; All files in this directory will become check commands.
; *WARNING* This is undoubtedly dangerous so use with care!
;script_dir=scripts\
;
;# SOCKET TIMEOUT
; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out.
;socket_timeout=30
[Check System]
;# CPU BUFFER SIZE
; Can be anything ranging from 1s (for 1 second) to 10w for 10 weeks. Notice that a larger buffer will waste memory
; so don't use a larger buffer then you need (ie. the longest check you do +1).
;CPUBufferSize=1h
;
;# CHECK RESOLUTION
; The resolution to check values (currently only CPU).
; The value is entered in 1/10:th of a second and the default is 10 (which means ones every second)
;CheckResolution=10
;
;# CHECK ALL SERVICES
; Configure how to check services when a CheckAll is performed.
; ...=started means services in that class *has* to be running.
; ...=stopped means services in that class has to be stopped.
; ...=ignored means services in this class will be ignored.
;check_all_services[SERVICE_BOOT_START]=ignored
;check_all_services[SERVICE_SYSTEM_START]=ignored
;check_all_services[SERVICE_AUTO_START]=started
;check_all_services[SERVICE_DEMAND_START]=ignored
;check_all_services[SERVICE_DISABLED]=stopped
[External Script]
;# COMMAND TIMEOUT
; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing before killing them off.
;command_timeout=60
;
;# COMMAND ARGUMENT PROCESSING
; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.
;allow_arguments=0
;
;# COMMAND ALLOW NASTY META CHARS
; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
;allow_nasty_meta_chars=0
;
;# SCRIPT DIRECTORY
; All files in this directory will become check commands.
; *WARNING* This is undoubtedly dangerous so use with care!
;script_dir=c:\my\script\dir
[Script Wrappings]
vbs=cscript.exe //T:30 //NoLogo scripts\lib\wrapper.vbs %SCRIPT% %ARGS%
ps1=cmd /c echo scripts\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
bat=scripts\%SCRIPT% %ARGS%
[External Scripts]
;check_es_long=scripts\long.bat
;check_es_ok=scripts\ok.bat
;check_es_nok=scripts\nok.bat
;check_vbs_sample=cscript.exe //T:30 //NoLogo scripts\check_vb.vbs
;check_powershell_warn=cmd /c echo scripts\powershell.ps1 | powershell.exe -command -
[External Alias]
alias_cpu=checkCPU warn=80 crit=90 time=5m time=1m time=30s
alias_cpu_ex=checkCPU warn=$ARG1$ crit=$ARG2$ time=5m time=1m time=30s
alias_mem=checkMem MaxWarn=80% MaxCrit=90% ShowAll=long type=physical type=virtual type=paged type=page
alias_up=checkUpTime MinWarn=1d MinWarn=1h
alias_disk=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED
alias_disk_loose=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED ignore-unreadable
alias_volumes=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED
alias_volumes_loose=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED ignore-unreadable
alias_service=checkServiceState CheckAll
alias_service_ex=checkServiceState CheckAll "exclude=Net Driver HPZ12" "exclude=Pml Driver HPZ12" exclude=stisvc
alias_process=checkProcState "$ARG1$=started"
alias_process_stopped=checkProcState "$ARG1$=stopped"
alias_process_count=checkProcState MaxWarnCount=$ARG2$ MaxCritCount=$ARG3$ "$ARG1$=started"
alias_process_hung=checkProcState MaxWarnCount=1 MaxCritCount=1 "$ARG1$=hung"
alias_event_log=CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions "syntax=%severity%: %source%: %message% (%count%)"
alias_file_size=CheckFiles "filter=size > $ARG2$" "path=$ARG1$" MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%" max-dir-depth=10
alias_file_age=checkFile2 filter=out "file=$ARG1$" filter-written=>1d MaxWarn=1 MaxCrit=1 "syntax=%filename% %write%"
alias_sched_all=CheckTaskSched "filter=exit_code ne 0" "syntax=%title%: %exit_code%" warn=>0
alias_sched_long=CheckTaskSched "filter=status = 'running' AND most_recent_run_time < -$ARG1$" "syntax=%title% (%most_recent_run_time%)" warn=>0
alias_sched_task=CheckTaskSched "filter=title eq '$ARG1$' AND exit_code ne 0" "syntax=%title% (%most_recent_run_time%)" warn=>0
alias_updates=check_updates -warning 0 -critical 0
check_ok=CheckOK Everything is fine!
[Wrapped Scripts]
;check_test_vbs=check_test.vbs /arg1:1 /arg2:1 /variable:1
;check_test_ps1=check_test.ps1 arg1 arg2
;check_test_bat=check_test.bat arg1 arg2
;check_battery=check_battery.vbs
;check_printer=check_printer.vbs
;check_updates=check_updates.vbs
; [includes]
;# The order when used is "reversed" thus the last included file will be "first"
;# Included files can include other files (be carefull only do basic recursive checking)
;
; myotherfile.ini
; real.ini
[NSCA Agent]
;# CHECK INTERVALL (in seconds)
; How often we should run the checks and submit the results.
;interval=5
;
;# ENCRYPTION METHOD
; This option determines the method by which the send_nsca client will encrypt the packets it sends
; to the nsca daemon. The encryption method you choose will be a balance between security and
; performance, as strong encryption methods consume more processor resources.
; You should evaluate your security needs when choosing an encryption method.
;
; Note: The encryption method you specify here must match the decryption method the nsca daemon uses
; (as specified in the nsca.cfg file)!!
; Values:
; 0 = None (Do NOT use this option)
; 1 = Simple XOR (No security, just obfuscation, but very fast)
; 2 = DES
; 3 = 3DES (Triple DES)
; 4 = CAST-128
; 6 = xTEA
; 8 = BLOWFISH
; 9 = TWOFISH
; 11 = RC2
; 14 = RIJNDAEL-128 (AES)
; 20 = SERPENT
;encryption_method=14
;
;# ENCRYPTION PASSWORD
; This is the password/passphrase that should be used to encrypt the sent packets.
;password=
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to "one" local interface.
; -- not supported as of now --
;bind_to_address=
;
;# LOCAL HOST NAME
; The name of this host (if empty "computername" will be used.
;hostname=
;
;# NAGIOS SERVER ADDRESS
; The address to the nagios server to submit results to.
nsca_host=0.0.0.0
;
;# NAGIOS SERVER PORT
; The port to the nagios server to submit results to.
nsca_port=5667
;
;# CHECK COMMAND LIST
; The checks to run everytime we submit results back to nagios
; Any command(alias/key) starting with a host_ is sent as HOST_COMMAND others are sent as SERVICE_COMMANDS
; where the alias/key is used as service name.
;
[NSCA Commands]
;my_cpu_check=checkCPU warn=80 crit=90 time=20m time=10s time=4
;my_mem_check=checkMem MaxWarn=80% MaxCrit=90% ShowAll type=page
;my_svc_check=checkServiceState CheckAll exclude=wampmysqld exclude=MpfService
;host_check=check_ok
;# REMOTE NRPE PROXY COMMANDS
; A list of commands that check other hosts.
; Used by the NRPECLient module
[NRPE Client Handlers]
check_other=-H 0.0.0.0 -p 5666 -c remote_command -a arguments
;# LUA SCRIPT SECTION
; A list of all Lua scripts to load.
;[LUA Scripts]
;scripts\test.lua
Re: Possible client issues?
Posted: Mon Apr 22, 2013 4:29 pm
by slansing
Please remove the duplicate modules at the top of the configuration file, also un comment:
I am assuming that where "allowed_hosts=0.0.0.0" show's 0's you have the valid Nagios XI server's IP and pass
Un comment:
Then lets restart the service, and try to run the previous command from Nagios, if it still times out open the nsclient.log file which should now be created and post the output to us here. Thanks!
It seems there were multiple changes made in this version of NSClient, they should not effect this but we may need to take a look into them as well. Keep in mind, you need only enable your IP globally rather than adding it in over and over again in all the area's IP's may be listed.
Re: Possible client issues?
Posted: Mon Apr 22, 2013 4:39 pm
by mobiledataforce
Same results. Here is the output:
[root@nagios ~]# /usr/local/nagios/libexec/check_nt -H 0.0.0.0 -p 12489 -v UPTIME -s PASSWORD -t 60
Code: Select all
CRITICAL - Socket timeout after 60 seconds
Here is the log file:
2013-04-22 15:33:35: message:modules\FileLogger\FileLogger.cpp:86: Starting to log for: NSClient++ - 0.3.9.328 2011-08-16
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:557: Attempting to start NSCLient++ - 0.3.9.328 2011-08-16
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: CheckDisk...
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: Event log Checker....
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: Check External Scripts...
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: Helper function...
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: Check NSCP...
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: CheckSystem...
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: CheckWMI...
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: File logger...
2013-04-22 15:33:36: message:CACHEmodules\FileLogger\FileLogger.cpp:87: Log path is: C:\Program Files\NSClient++\\nsclient.log
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: NRPE server (w/ SSL)...
2013-04-22 15:33:36: debug:CACHEmodules\NRPEListener\NRPEListener.cpp:92: Loading all commands (from NRPE)
2013-04-22 15:33:36: error:CACHEmodules\NRPEListener\NRPEListener.cpp:70: No scripts found in path: scripts\*.*
2013-04-22 15:33:36: debug:CACHEmodules\NRPEListener\NRPEListener.cpp:122: Starting NRPE socket...
2013-04-22 15:33:36: debug:CACHEmodules\CheckSystem\PDHCollector.cpp:73: Autodetected w2k or later, using w2k PDH counters.
2013-04-22 15:33:36: debug:CACHEmodules\CheckSystem\PDHCollector.cpp:110: Using index to retrive counternames
2013-04-22 15:33:36: debug:CACHEmodules\CheckSystem\PDHCollector.cpp:130: Found countername: CPU: \Processor(_total)\% Processor Time
2013-04-22 15:33:36: debug:CACHEmodules\CheckSystem\PDHCollector.cpp:131: Found countername: UPTIME: \System\System Up Time
2013-04-22 15:33:36: debug:CACHEmodules\CheckSystem\PDHCollector.cpp:132: Found countername: MCL: \Memory\Commit Limit
2013-04-22 15:33:36: debug:CACHEmodules\CheckSystem\PDHCollector.cpp:133: Found countername: MCB: \Memory\Committed Bytes
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: NSClient server...
2013-04-22 15:33:36: debug:CACHENSClient++.cpp:1007: Loading plugin: SystemTray...
2013-04-22 15:33:36: debug:CACHEinclude\Socket.h:683: Bound to: 0.0.0.0:5666
2013-04-22 15:33:36: debug:CACHEinclude\Socket.h:683: Bound to: 0.0.0.0:12489
2013-04-22 15:33:36: debug:NSClient++.cpp:709: NSCLient++ - 0.3.9.328 2011-08-16 Started!
2013-04-22 15:33:36: debug:modules\SysTray\TrayIcon.cpp:56: Chaning window message filters...
2013-04-22 15:39:52: debug:NSClient++.cpp:863: No shared session: ignoring change event!
2013-04-22 15:39:53: debug:NSClient++.cpp:863: No shared session: ignoring change event!
And my nsc config to confirm the changes:
Code: Select all
[modules]
NRPEListener.dll
NSClientListener.dll
CheckWMI.dll
FileLogger.dll
CheckSystem.dll
CheckDisk.dll
CheckEventLog.dll
CheckHelpers.dll
;# NSCLIENT++ MODULES
;# A list with DLLs to load at startup.
; You will need to enable some of these for NSClient++ to work.
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
; * *
; * N O T I C E ! ! ! - Y O U H A V E T O E D I T T H I S *
; * *
; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !
;FileLogger.dll
;CheckSystem.dll
;CheckDisk.dll
;NSClientListener.dll
;NRPEListener.dll
SysTray.dll
;CheckEventLog.dll
;CheckHelpers.dll
;CheckWMI.dll
CheckNSCP.dll
;
; Script to check external scripts and/or internal aliases.
CheckExternalScripts.dll
;
; NSCA Agent if you enable this NSClient++ will talk to NSCA hosts repeatedly (so dont enable unless you want to
use NSCA)
;NSCAAgent.dll
;
; LUA script module used to write your own "check deamon".
;LUAScript.dll
;
; RemoteConfiguration IS AN EXTREM EARLY IDEA SO DONT USE FOR PRODUCTION ENVIROMNEMTS!
;RemoteConfiguration.dll
; Check other hosts through NRPE extreme beta and probably a bit dangerous! :)
;NRPEClient.dll
; Extreamly early beta of a task-schedule checker
;CheckTaskSched.dll
[crash]
; Archive crash dump files if a crash is detected
;archive=1
; Submit crash reports to a crash report server (this overrrides archive)
;submit=0
; Restart service if a crash is detected
;restart=1
[Settings]
;# OBFUSCATED PASSWORD
; This is the same as the password option but here you can store the password in an obfuscated manner.
; *NOTICE* obfuscation is *NOT* the same as encryption, someone with access to this file can still figure out
the
; password. Its just a bit harder to do it at first glance.
;obfuscated_password=Jw0KAUUdXlAAUwASDAAB
;
;# PASSWORD
; This is the password (-s) that is required to access NSClient remotely. If you leave this blank everyone will
be able to access the daemon remotly.
;password=secret-password
;
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to the all daemons.
; If leave this blank anyone can access the deamon remotly (NSClient still requires a valid password).
; The syntax is host or ip/mask so 192.168.0.0/24 will allow anyone on that subnet access
allowed_hosts=0.0.0.0
;
;# USE THIS FILE
; Use the INI file as opposed to the registry if this is 0 and the use_reg in the registry is set to 1
; the registry will be used instead.
use_file=1
allowed_hosts=0.0.0.0
password=PASSWORD
;
; # USE SHARED MEMORY CHANNELS
; This is the "new" way for using the system tray based on an IPC framework on top shared memmory channels and
events.
; It is brand new and (probably has bugs) so dont enable this unless for testing!
; If set to 1 shared channels will be created and system tray icons created and such and such...
;shared_session=0
[log]
;# LOG DEBUG
; Set to 1 if you want debug message printed in the log file (debug messages are always printed to stdout when
run with -test)
debug=1
;
;# LOG FILE
; The file to print log statements to
file=nsclient.log
;
;# LOG DATE MASK
; The format to for the date/time part of the log entry written to file.
;date_mask=%Y-%m-%d %H:%M:%S
;
;# LOG ROOT FOLDER
; The root folder to use for logging.
; exe = the folder where the executable is located
; local-app-data = local application data (probably a better choice then the old default)
;root_folder=exe
[NSClient]
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to NSClient deamon.
; If you leave this blank the global version will be used instead.
allowed_hosts=0.0.0.0
;
;# NSCLIENT PORT NUMBER
; This is the port the NSClientListener.dll will listen to.
port=12489
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to all avalible IP adresses.
;bind_to_address=
;
;# SOCKET TIMEOUT
; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail
out.
;socket_timeout=30
[NRPE]
;# NRPE PORT NUMBER
; This is the port the NRPEListener.dll will listen to.
port=5666
;
;# COMMAND TIMEOUT
; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing
before killing them off.
;command_timeout=60
;
;# COMMAND ARGUMENT PROCESSING
; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands
that are executed.
allow_arguments=1
;
;# COMMAND ALLOW NASTY META CHARS
; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]
{}) characters in arguments.
allow_nasty_meta_chars=1
;
;# USE SSL SOCKET
; This option controls if SSL should be used on the socket.
;use_ssl=1
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to all avalible IP adresses.
; bind_to_address=
;
;# ALLOWED HOST ADDRESSES
; This is a comma-delimited list of IP address of hosts that are allowed to talk to NRPE deamon.
; If you leave this blank the global version will be used instead.
allowed_hosts=0.0.0.0
;
;# SCRIPT DIRECTORY
; All files in this directory will become check commands.
; *WARNING* This is undoubtedly dangerous so use with care!
script_dir=scripts\
;
;# SOCKET TIMEOUT
; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail
out.
;socket_timeout=30
[Check System]
;# CPU BUFFER SIZE
; Can be anything ranging from 1s (for 1 second) to 10w for 10 weeks. Notice that a larger buffer will waste
memory
; so don't use a larger buffer then you need (ie. the longest check you do +1).
;CPUBufferSize=1h
;
;# CHECK RESOLUTION
; The resolution to check values (currently only CPU).
; The value is entered in 1/10:th of a second and the default is 10 (which means ones every second)
;CheckResolution=10
;
;# CHECK ALL SERVICES
; Configure how to check services when a CheckAll is performed.
; ...=started means services in that class *has* to be running.
; ...=stopped means services in that class has to be stopped.
; ...=ignored means services in this class will be ignored.
;check_all_services[SERVICE_BOOT_START]=ignored
;check_all_services[SERVICE_SYSTEM_START]=ignored
;check_all_services[SERVICE_AUTO_START]=started
;check_all_services[SERVICE_DEMAND_START]=ignored
;check_all_services[SERVICE_DISABLED]=stopped
[External Script]
;# COMMAND TIMEOUT
; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing
before killing them off.
;command_timeout=60
;
;# COMMAND ARGUMENT PROCESSING
; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands
that are executed.
;allow_arguments=0
;
;# COMMAND ALLOW NASTY META CHARS
; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]
{}) characters in arguments.
;allow_nasty_meta_chars=0
;
;# SCRIPT DIRECTORY
; All files in this directory will become check commands.
; *WARNING* This is undoubtedly dangerous so use with care!
;script_dir=c:\my\script\dir
[Script Wrappings]
vbs=cscript.exe //T:30 //NoLogo scripts\lib\wrapper.vbs %SCRIPT% %ARGS%
ps1=cmd /c echo scripts\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
bat=scripts\%SCRIPT% %ARGS%
[External Scripts]
;check_es_long=scripts\long.bat
;check_es_ok=scripts\ok.bat
;check_es_nok=scripts\nok.bat
;check_vbs_sample=cscript.exe //T:30 //NoLogo scripts\check_vb.vbs
;check_powershell_warn=cmd /c echo scripts\powershell.ps1 | powershell.exe -command -
[External Alias]
alias_cpu=checkCPU warn=80 crit=90 time=5m time=1m time=30s
alias_cpu_ex=checkCPU warn=$ARG1$ crit=$ARG2$ time=5m time=1m time=30s
alias_mem=checkMem MaxWarn=80% MaxCrit=90% ShowAll=long type=physical type=virtual type=paged type=page
alias_up=checkUpTime MinWarn=1d MinWarn=1h
alias_disk=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED
alias_disk_loose=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED ignore-unreadable
alias_volumes=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED
alias_volumes_loose=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll=volumes FilterType=FIXED ignore-unreadable
alias_service=checkServiceState CheckAll
alias_service_ex=checkServiceState CheckAll "exclude=Net Driver HPZ12" "exclude=Pml Driver HPZ12" exclude=stisvc
alias_process=checkProcState "$ARG1$=started"
alias_process_stopped=checkProcState "$ARG1$=stopped"
alias_process_count=checkProcState MaxWarnCount=$ARG2$ MaxCritCount=$ARG3$ "$ARG1$=started"
alias_process_hung=checkProcState MaxWarnCount=1 MaxCritCount=1 "$ARG1$=hung"
alias_event_log=CheckEventLog file=application file=system MaxWarn=1 MaxCrit=1 "filter=generated gt -2d AND
severity NOT IN ('success', 'informational') AND source != 'SideBySide'" truncate=800 unique descriptions
"syntax=%severity%: %source%: %message% (%count%)"
alias_file_size=CheckFiles "filter=size > $ARG2$" "path=$ARG1$" MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%"
max-dir-depth=10
alias_file_age=checkFile2 filter=out "file=$ARG1$" filter-written=>1d MaxWarn=1 MaxCrit=1 "syntax=%filename%
%write%"
alias_sched_all=CheckTaskSched "filter=exit_code ne 0" "syntax=%title%: %exit_code%" warn=>0
alias_sched_long=CheckTaskSched "filter=status = 'running' AND most_recent_run_time < -$ARG1$" "syntax=%title%
(%most_recent_run_time%)" warn=>0
alias_sched_task=CheckTaskSched "filter=title eq '$ARG1$' AND exit_code ne 0" "syntax=%title%
(%most_recent_run_time%)" warn=>0
alias_updates=check_updates -warning 0 -critical 0
check_ok=CheckOK Everything is fine!
[Wrapped Scripts]
;check_test_vbs=check_test.vbs /arg1:1 /arg2:1 /variable:1
;check_test_ps1=check_test.ps1 arg1 arg2
;check_test_bat=check_test.bat arg1 arg2
;check_battery=check_battery.vbs
;check_printer=check_printer.vbs
;check_updates=check_updates.vbs
; [includes]
;# The order when used is "reversed" thus the last included file will be "first"
;# Included files can include other files (be carefull only do basic recursive checking)
;
; myotherfile.ini
; real.ini
[NSCA Agent]
;# CHECK INTERVALL (in seconds)
; How often we should run the checks and submit the results.
;interval=5
;
;# ENCRYPTION METHOD
; This option determines the method by which the send_nsca client will encrypt the packets it sends
; to the nsca daemon. The encryption method you choose will be a balance between security and
; performance, as strong encryption methods consume more processor resources.
; You should evaluate your security needs when choosing an encryption method.
;
; Note: The encryption method you specify here must match the decryption method the nsca daemon uses
; (as specified in the nsca.cfg file)!!
; Values:
; 0 = None (Do NOT use this option)
; 1 = Simple XOR (No security, just obfuscation, but very fast)
; 2 = DES
; 3 = 3DES (Triple DES)
; 4 = CAST-128
; 6 = xTEA
; 8 = BLOWFISH
; 9 = TWOFISH
; 11 = RC2
; 14 = RIJNDAEL-128 (AES)
; 20 = SERPENT
;encryption_method=14
;
;# ENCRYPTION PASSWORD
; This is the password/passphrase that should be used to encrypt the sent packets.
;password=
;
;# BIND TO ADDRESS
; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname.
; Leaving this blank will bind to "one" local interface.
; -- not supported as of now --
;bind_to_address=
;
;# LOCAL HOST NAME
; The name of this host (if empty "computername" will be used.
;hostname=
;
;# NAGIOS SERVER ADDRESS
; The address to the nagios server to submit results to.
nsca_host=0.0.0.0
;
;# NAGIOS SERVER PORT
; The port to the nagios server to submit results to.
nsca_port=5667
;
;# CHECK COMMAND LIST
; The checks to run everytime we submit results back to nagios
; Any command(alias/key) starting with a host_ is sent as HOST_COMMAND others are sent as SERVICE_COMMANDS
; where the alias/key is used as service name.
;
[NSCA Commands]
;my_cpu_check=checkCPU warn=80 crit=90 time=20m time=10s time=4
;my_mem_check=checkMem MaxWarn=80% MaxCrit=90% ShowAll type=page
;my_svc_check=checkServiceState CheckAll exclude=wampmysqld exclude=MpfService
;host_check=check_ok
;# REMOTE NRPE PROXY COMMANDS
; A list of commands that check other hosts.
; Used by the NRPECLient module
[NRPE Client Handlers]
check_other=-H 0.0.0.0 -p 5666 -c remote_command -a arguments
;# LUA SCRIPT SECTION
; A list of all Lua scripts to load.
;[LUA Scripts]
;scripts\test.lua
Re: Possible client issues?
Posted: Mon Apr 22, 2013 4:44 pm
by mobiledataforce
I see this, may be an issue. This is NOT from me posting with IP of 0.0.0.0, that is actually what seems to be configured.
2013-04-22 15:33:36: debug:CACHEinclude\Socket.h:683: Bound to: 0.0.0.0:5666
2013-04-22 15:33:36: debug:CACHEinclude\Socket.h:683: Bound to: 0.0.0.0:12489
Also this:
2013-04-22 15:33:36: error:CACHEmodules\NRPEListener\NRPEListener.cpp:70: No scripts found in path: scripts\*.*
I do see scripts at this path.
Thanks.
Re: Possible client issues?
Posted: Mon Apr 22, 2013 5:00 pm
by mobiledataforce
I just noticed that the script_dir=scripts\ field is denoted twice. One of these paths does not exist, the c:\my\script\dir. What should the path be for both of these fields? Trying combinations for now, I'll let you know if I have any success.
Re: Possible client issues?
Posted: Mon Apr 22, 2013 5:25 pm
by mobiledataforce
It seems my scripts are located in C:\Program Files\NSClient++\scripts. I can't get the error to go away that no scripts are found in the path, even if I designate it in the config file; I see the proper directory being called in the log if I set it manually, but still is not being found. I set the lines both back to script_dir=scripts\ and have both lines for NRPE and External Scripts uncommented. I also edited the folder security to be wide open for the installed directory.
2013-04-22 16:18:32: error:CACHEmodules\NRPEListener\NRPEListener.cpp:70: No scripts found in path: scripts\*.*
2013-04-22 16:22:00: error:CACHEmodules\CheckExternalScripts\CheckExternalScripts.cpp:57: No scripts found in path: C:\Program Files\NSClient++\\scripts\
Re: Possible client issues?
Posted: Tue Apr 23, 2013 1:41 pm
by slansing
2013-04-22 15:33:36: debug:CACHEinclude\Socket.h:683: Bound to: 0.0.0.0:5666
2013-04-22 15:33:36: debug:CACHEinclude\Socket.h:683: Bound to: 0.0.0.0:12489
Wrap your long code snippets in code so it does not fill the entire page please, and add to your previous post if nobody has replied rather than creating new posts.
This 'should' be fine as NSClient and the modules it's loading "NRPE/NT/NSCA/WMI" are binding to their respective ports locally.
As far as the plugins directory error that will not effect what we are trying to do right now which is reach the server from the Nagios XI server.
We already tried with NC but we can try with telnet if you want validation that something is blocking access to that server.
Once installed on the XI server, run:
Code: Select all
telnet <ip.of.windows.server> <port>
The port would be either 5666 or 12489, you can try another port that is unrelated to NSClient as well to verify.
This is how the output should look from the XI server to the windows server, or relatively similar:
Code: Select all
[root@localhost nagiosxi]# telnet 192.168.5.64 12489
Trying 192.168.5.64...
Connected to 192.168.5.64.
Further more, there is the possibility of something we would not be able to find such as the incorrect architecture being chosen when you installed NSClient++, you could try uninstalling, and re-installing "verifying that it is 32 or 64 bit, and using version 3.9" since there is nothing special configured yet. Then uncomment the places where I have mentioned in this thread, and make sure that the XI server's IP is in the globally allowed section "dont add you IP in every place you can in the config file, just the global, or for protocols you are using."
Re: Possible client issues?
Posted: Tue Apr 23, 2013 3:25 pm
by mobiledataforce
The only thing new to try was using client 3.9. I am now using it with the same results.
Re: Possible client issues?
Posted: Tue Apr 23, 2013 3:32 pm
by slansing
What do you get in return from the Xi server when you run telnet against a port that should be open other than the NSClient port's?
Code: Select all
telnet <ip.of.windows.server> <port>
Re: Possible client issues?
Posted: Tue Apr 23, 2013 3:43 pm
by mobiledataforce
Exactly what we already know to be true, the port is not accessible. This is due to something on the local windows system. I have verified there are no port conflicts, the port is listening, all local firewall and A/V is disabled, I have uninstalled/reinstalled several times, rebooted the server several times, etc. It seems that I may be SOL in a resolution to this because we just keep going in circles?