Page 1 of 1
Monitoring XI with XI
Posted: Thu Dec 05, 2013 4:38 pm
by BanditBBS
Ok, so I am a bad bad admin and haven't been doing all the self monitoring that I should have been doing. After my ramdisk filling up this past weekend, I decided to get off my butt and get this all setup.
I want my main XI server to monitor all my other XI servers. I used the monitoring wizard to set it up, I put in the IP, URL and user/pass. It went to the next screen and I continued with the wizard.
First problem: I can't ping the server (FW Rules), so I'll change that to a check_dummy and won't worry about pings. I'll get alerted on the services when they dont succeed if the server is down.
Second problem: All the services are coming back with:
Code: Select all
Error: Could not parse XML from https://xxxxx.xxx.xxx.com/nagiosxi/ ()
I can only get to the this server (and also another I'll be doing) via SSL. We use http to get to all of our XI servers, so no certs have been added or anything. If I try and curl to the NagiosXI server from my main one, I have to use the -k option. I imagine that is the issue with this check as well, right? Any idea how to resolve?
Re: Monitoring XI with XI
Posted: Thu Dec 05, 2013 5:29 pm
by abrist
1. I presume all icmp traffic is filtered? If so, then you must use check_dummy, or check a different service on the remote host that is not filtered.
I just took a look at the pdf for check_nagiosserver.php. If already has declared:
Code: Select all
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
So, in theory, it should already work.
Re: Monitoring XI with XI
Posted: Thu Dec 05, 2013 7:06 pm
by BanditBBS
abrist wrote:1. I presume all icmp traffic is filtered? If so, then you must use check_dummy, or check a different service on the remote host that is not filtered.
I just took a look at the pdf for check_nagiosserver.php. If already has declared:
Code: Select all
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
So, in theory, it should already work.
Yeah, sure should.
I can curl -k 'https://<backend url here>' and it works fine from the cli. Any ideas?
Re: Monitoring XI with XI
Posted: Thu Dec 05, 2013 7:19 pm
by BanditBBS
Before you ask:
Code: Select all
[clarkj@svwdcnagios02 libexec]$ php check_nagiosxiserver.php --address=10.200.48.252 --url=https://svwddnagios01.aeo.ae.com/nagiosxi/ --username=nagiosadmin --ticket="8v8lv36p" --mode=daemons --debug=1
ACCESSING URL: https://svwddnagios01.aeo.ae.com/nagiosxi//backend/?username=nagiosadmin&ticket=xxxxxx&cmd=getsysstat
RESULT:
Array
(
[headers] => Array
(
)
[body] =>
[info] => Array
(
[url] => https://svwddnagios01.aeo.ae.com:80/nagiosxi//backend/
[content_type] =>
[http_code] => 0
[header_size] => 0
[request_size] => 0
[filetime] => -1
[ssl_verify_result] => 0
[redirect_count] => 0
[total_time] => 0
[namelookup_time] => 0.000241
[connect_time] => 0
[pretransfer_time] => 0
[size_upload] => 0
[size_download] => 0
[speed_download] => 0
[speed_upload] => 0
[download_content_length] => -1
[upload_content_length] => -1
[starttransfer_time] => 0
[redirect_time] => 0
[certinfo] => Array
(
)
)
)
Error: Could not parse XML from https://svwddnagios01.aeo.ae.com/nagiosxi/ ()
And if I copy that url it says it is trying to access and do the curl -k to it, I get everything fine
EDIT: I think I see the issue, look at the debug information, it shows :80
EDIT #2: I changed line 489 $url_parts['port']=443;
Now it works fine, but I'm sure that edit will break any I want to add with http. Does this mean I need to use https on all or is this a lovely bug in the code that you'll fix?
Re: Monitoring XI with XI
Posted: Fri Dec 06, 2013 9:47 am
by sreinhardt
if you have to set the port within the code, i would call it a bug. it should be a flag to use ssl or not. We will discuss\thrown an internal bug in for it and let you know shortly.
Re: Monitoring XI with XI
Posted: Mon Sep 22, 2014 11:52 am
by sujitt
Is this problem fixed ?
Re: Monitoring XI with XI
Posted: Mon Sep 22, 2014 12:42 pm
by sreinhardt
Yes this looks like it should be fixed, I just took a peek at the most recent version that 2014 would have. Locking as this is quite old