NRPE issue

[Box293]

They all look correct.

When logged onto uusrcpmwik00, execute the command against the local server:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -t 30 -c check_cpu_stats

check_npre might be in another directory on that server.

Is xinetd running more than once?

Code: Select all

ps aux | grep xinetd | grep -v grep

[raamardhani7]

They all look correct.

When logged onto uusrcpmwik00, execute the command against the local server:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -t 30 -c check_cpu_stats

check_npre might be in another directory on that server.

Is xinetd running more than once?

Code: Select all

ps aux | grep xinetd | grep -v grep

Please find the output for the commands:

[root@uusrcpmwik00 etc]# ps aux | grep xinetd | grep -v grep
root 22308 0.4 0.0 21716 1008 ? Ss 01:18 0:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1 -t 30 -c check_cpu_stats
CHECK_NRPE: Error - Could not complete SSL handshake.

I have added the below mentioned ones in nrpe.cfg and recycled the xinetd:
[root@uusrcpmwik00 etc]# grep 127.0.0.1 nrpe.cfg
#server_address=127.0.0.1
allowed_hosts=127.0.0.1,10.10.83.90

[Box293]

I have added the below mentioned ones in nrpe.cfg and recycled the xinetd:
[root@uusrcpmwik00 etc]# grep 127.0.0.1 nrpe.cfg
#server_address=127.0.0.1
allowed_hosts=127.0.0.1,10.10.83.90

When NRPE is run under xinetd, the setting in nrpe.cfg is ignored.

When logged onto uusrcpmwik00, execute the command against the local server:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1

When logged onto Nagios XI, execute the following command:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00

[raamardhani7]

I have added the below mentioned ones in nrpe.cfg and recycled the xinetd:
[root@uusrcpmwik00 etc]# grep 127.0.0.1 nrpe.cfg
#server_address=127.0.0.1
allowed_hosts=127.0.0.1,10.10.83.90

When NRPE is run under xinetd, the setting in nrpe.cfg is ignored.

When logged onto uusrcpmwik00, execute the command against the local server:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H 127.0.0.1

When logged onto Nagios XI, execute the following command:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00

Hi...

Output from Nagios XI server:
[root@lussvpnagiosxi00 libexec]# /usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00
NRPE v2.15


Output from Remote Server:
[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
CHECK_NRPE: Error - Could not complete SSL handshake.

[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H 10.10.83.90 (Nagios XI server)
connect to address 10.10.83.90 port 5666: No route to host
connect to host 10.10.83.90 port 5666: No route to host

[root@uusrcpmwik00 etc]# traceroute -p 5666 10.10.83.90
traceroute to 10.10.83.90 (10.10.83.90), 30 hops max, 60 byte packets
1 10.10.82.12 (10.10.82.12) 0.371 ms 0.535 ms 0.721 ms
2 LUSSVPNAGIOSXI00 (10.10.83.90) 0.359 ms !X 0.343 ms !X 0.333 ms !X


[root@uusrcpmwik00 etc]# traceroute -p 5666 127.0.0.1
traceroute to 127.0.0.1 (127.0.0.1), 30 hops max, 60 byte packets
1 localhost (127.0.0.1) 0.038 ms 0.011 ms 0.010 ms

netstat -at | grep nrpe
tcp 0 0 *:nrpe *:* LISTEN
tcp 0 0 uusrcpmwik00:nrpe LUSSVPNAGIOSXI00:41976 TIME_WAIT
tcp 0 0 *:nrpe *:* LISTEN

[raamardhani7]

To add to the above :

[root@uusrcpmwik00 etc]# ps -ef | grep -i nrpe
nagios 25312 1 0 Aug05 ? 00:00:01 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
root 25842 17076 0 01:45 pts/0 00:00:00 grep -i nrpe
[root@uusrcpmwik00 etc]# kill 25312
[root@uusrcpmwik00 etc]# ps -ef | grep -i nrpe
root 25884 17076 0 01:45 pts/0 00:00:00 grep -i nrpe
[root@uusrcpmwik00 etc]# /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
[root@uusrcpmwik00 etc]# ps -ef | grep -i nrpe
nagios 25906 1 0 01:45 ? 00:00:00 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
root 25916 17076 0 01:45 pts/0 00:00:00 grep -i nrpe
[root@uusrcpmwik00 etc]# service nrpe restart
nrpe: unrecognized service
[root@uusrcpmwik00 etc]# service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]

[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_tcp -H 127.0.0.1 -p 5666
TCP OK - 0.000 second response time on 127.0.0.1 port 5666|time=0.000196s;;;0.000000;10.000000

[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
NRPE v2.15

[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H 10.10.83.90
connect to address 10.10.83.90 port 5666: No route to host
connect to host 10.10.83.90 port 5666: No route to host[root@uusrcpmwik00 etc]#

Aug 6 01:46:11 uusrcpmwik00 xinetd[25983]: Started working: 1 available service
Aug 6 01:46:18 uusrcpmwik00 nrpe[26003]: Error: Could not complete SSL handshake. 5
Aug 6 01:46:18 uusrcpmwik00 nrpe[26003]: Error: Could not complete SSL handshake. 5

tail -30 /var/log/messages

[raamardhani7]

Not sure where the issue is, but after executing the below two commands on XI server:
iptables -I INPUT -p tcp --dport 5666 -j ACCEPT
service iptables save
The output on remote server is now changed to
[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H lussvpnagiosxi00
CHECK_NRPE: Error - Could not complete SSL handshake.

Please advise.

[Box293]

This is from your remote server:

[root@uusrcpmwik00 libexec]# cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 10.10.83.90
nrpe 5666/tcp
}

This line only_from = 127.0.0.1 10.10.83.90 needs to include the IP Address of the Nagios XI server.

[raamardhani7]

This is from your remote server:

[root@uusrcpmwik00 libexec]# cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 10.10.83.90
nrpe 5666/tcp
}

This line only_from = 127.0.0.1 10.10.83.90 needs to include the IP Address of the Nagios XI server.

10.10.83.90 is the IP address of the Nagios XI server..

To add to the point, please find the outputs:

Output from Nagios XI server:

[root@lussvpnagiosxi00 etc]# /usr/local/nagios/libexec/check_nrpe -H localhost -p 5666
CHECK_NRPE: Error - Could not complete SSL handshake.

[root@lussvpnagiosxi00 etc]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
NRPE v2.15

Output from Remote Server:

[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
NRPE v2.15

[root@uusrcpmwik00 etc]# /usr/local/nagios/libexec/check_nrpe -H lussvpnagiosxi00
CHECK_NRPE: Error - Could not complete SSL handshake.

[Box293]

Is the firewall on the remote server allowing inbound TCP 5666?

[raamardhani7]

Is the firewall on the remote server allowing inbound TCP 5666?

Surprisingly check_cpu_stats is working even remotely too..

[root@lussvpnagiosxi00 libexec]# /usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -t 30 -c check_cpu_stats
CPU STATISTICS OK : user=0.00% system=0.00% iowait=0.00% idle=100.00% nice=0.00% steal=0.00% | CpuUser=0.00;CpuSystem=0.00;CpuIoWait=0.00;CpuIdle=100.00;CpuNice=0.00;CpuSteal=0.00;30;100

Not sure why this is not working.
[root@lussvpnagiosxi00 libexec]# /usr/local/nagios/libexec/check_nrpe -H uusrcpmwik00 -t 30 -c check_mem -a '-w 20 -c 10'
NRPE: Command 'check_mem' not defined

I could see output on XI server and also on Remote server.
[root@lussvpnagiosxi00 libexec]# ./check_mem -w 20 -c 10
Memory: CRITICAL Total: 7872 MB - Used: 1397 MB - 17% used!|TOTAL=8255045632;;;; USED=1464156160;;;; CACHE=5266116608;;;; BUFFER=224825344;;;;