Where to start!?

[tmcdonald]

Please let us know if @eloyd's post helps out!

[trafalgargirl]

Is the other machine an AWS machine as well? If so, you'll need to open up the AWS firewall (Security Group) to allow traffic between the two machines. The easiest way to do this is to add the security group to itself, which means any machine that is in that security group can communicate with any other machine in that security group. Otherwise, add the NRPE port (5666) to the inbound rules from your Nagios IP server.

Also, make sure you're using internal IPs or else you'll be paying for data transfers.

Yes both the machines are on AWS. Eventually the goal is to have all of our clients (both US and Canadian) being monitored by Nagios, which means using both AWS and a Canadian hosting provider.

I am at a loss on how to open up the AWS firewall or to use internal IPs. I started my post by saying I have been a long time fan of using nagios but never having installed it - was super super excited about learning all of this. I have been pointed to some great documentation and have been diligently following everyone's advise / troubleshooting - so any help with that will be super appreciated.

Can you point me in the correct direction?

[tmcdonald]

I'd like to offer a somewhat alternative path.

I know we've spent a long time getting Core set up, and Core is in itself a great piece of software, but if you're going to have a multi-national environment like this that is hosted in AWS, I would suggest using our commercial version called Nagios XI.

This isn't just a sales pitch, this is a "I have seen many people go down this path" post. Core takes a lot of work to maintain and requires some Linux knowledge to do so. XI was designed to take away a lot of these concerns, offering a web interface for configuration as opposed to doing this all from the CLI. It also have a much nicer interface, better reports, and a ton of features that Core lacks.

XI is available as a fully-functional trial for 60 days, which is usually plenty of time to get it installed and configured. We can certainly help with this process if you would like.

Please let me know if this is an option for you.

[eloyd]

My instructions are AWS things, not Nagios things. In other words, you need to use the AWS console to open the Security Group so that port 5666 can be used between the hosts. This is beyond the scope of a Nagios support forum.

As for internal IPs, AWS provides internal IP address space for each machine. You should use this (typically a 172. address) to reach out to your machine(s) from the Nagios server. Otherwise you're going outside your network to the public Internet, then back into your private space. Amazon charges for this.

[trafalgargirl]

As much I would have 100% preferred to go this route - I believe the XI is too big an expense for us. I can try and get it approved but it might be a stretch.

[trafalgargirl]

My instructions are AWS things, not Nagios things. In other words, you need to use the AWS console to open the Security Group so that port 5666 can be used between the hosts. This is beyond the scope of a Nagios support forum.

As for internal IPs, AWS provides internal IP address space for each machine. You should use this (typically a 172. address) to reach out to your machine(s) from the Nagios server. Otherwise you're going outside your network to the public Internet, then back into your private space. Amazon charges for this.

Ah ok - I will take a look at this and see what I can learn and fix. Will report back.
Thanks!!

[bwallace]

Thanks eloyd.
trafalgargirl, keep us posted.

[eloyd]

I think we worked out the issues with NRPE. The problem was that /usr/local/nagios/etc did not exist because it was a package install. Instead, it was /etc/nagios for the config file specified in /etc/xinetd.d/nrpe.

I'll wait to hear from @trafalgargirl to be sure.

[bwallace]

Sounds good eloyd and thanks again for the clarification. Hopefully trafalgargirl is on the right track now!

[trafalgargirl]

It definitely helped and I have started adding the NRPE add-on on some of the other client servers.

However, I am still at a complete loss as to what to do next to get all the various hosts up and running.