
need help

Posted: Thu Jan 09, 2014 6:52 am
by vinoutd
I don't have experience monitoring a VM server.
I'm attaching a log file.
The server is a live web server, a Xen server with multiple VMs.
Every VM has a public IP and they are live.
Please throw some light on this issue.

Code:

[01-09-2014 16:12:37] Nagios 4.0.2 starting... (PID=9442)
[01-09-2014 16:12:37] Caught SIGTERM, shutting down...
[01-09-2014 16:12:28] Nagios 4.0.2 starting... (PID=9379)
[01-09-2014 16:12:28] Caught SIGTERM, shutting down...
[01-09-2014 16:12:25] Nagios 4.0.2 starting... (PID=9339)
[01-09-2014 16:12:25] Caught SIGTERM, shutting down...

 
January 09, 2014 10:00

[01-09-2014 10:31:19] Nagios 4.0.2 starting... (PID=27342)
[01-09-2014 10:31:19] Caught SIGTERM, shutting down...
[01-09-2014 10:27:55] Nagios 4.0.2 starting... (PID=27073)
[01-09-2014 10:27:55] Caught SIGTERM, shutting down...

 
January 09, 2014 06:00

[01-09-2014 06:41:49] SERVICE ALERT: cms.sum2cloud.com;Swap Usage;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:40:24] SERVICE ALERT: cms.sum2cloud.com;SSH;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:39:49] SERVICE ALERT: cms.sum2cloud.com;Swap Usage;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:38:58] SERVICE ALERT: cms.sum2cloud.com;Root Partition;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:38:24] SERVICE ALERT: cms.sum2cloud.com;SSH;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:37:49] SERVICE ALERT: cms.sum2cloud.com;Swap Usage;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:37:33] SERVICE ALERT: cms.sum2cloud.com;PING;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:36:58] SERVICE ALERT: cms.sum2cloud.com;Root Partition;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:36:24] SERVICE ALERT: cms.sum2cloud.com;SSH;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:36:08] SERVICE ALERT: cms.sum2cloud.com;HTTP;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:35:33] SERVICE ALERT: cms.sum2cloud.com;PING;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:34:58] SERVICE ALERT: cms.sum2cloud.com;Root Partition;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:34:42] SERVICE ALERT: cms.sum2cloud.com;Current Users;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:34:08] SERVICE ALERT: cms.sum2cloud.com;HTTP;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:33:33] SERVICE ALERT: cms.sum2cloud.com;PING;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:33:24] SERVICE ALERT: cms.sum2cloud.com;Total Processes;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:33:17] SERVICE ALERT: cms.sum2cloud.com;Current Load;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:32:42] SERVICE ALERT: cms.sum2cloud.com;Current Users;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:32:08] SERVICE ALERT: cms.sum2cloud.com;HTTP;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:31:24] SERVICE ALERT: cms.sum2cloud.com;Total Processes;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:31:17] SERVICE ALERT: cms.sum2cloud.com;Current Load;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:30:42] SERVICE ALERT: cms.sum2cloud.com;Current Users;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:29:24] SERVICE ALERT: cms.sum2cloud.com;Total Processes;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:29:17] SERVICE ALERT: cms.sum2cloud.com;Current Load;CRITICAL;SOFT;1;(Return code of 255 is out of bounds)
[01-09-2014 06:27:52] Nagios 4.0.2 starting... (PID=20218)
[01-09-2014 06:27:52] Caught SIGTERM, shutting down...
thanks
vinod

Re: need help

Posted: Thu Jan 09, 2014 10:41 am
by slansing
This log file means nothing to us without context. You need to tell us what your problem is, when it started to occur, some basic system information such as distro, arch, etc., and some background. When did this start happening? What changes were made to the system, etc.?

Re: need help

Posted: Fri Jan 10, 2014 12:40 am
by vinoutd
These things started when a domain went live with a public IP and traffic was allowed to access it from the internet through the firewall.
Connections to the MySQL server increased rapidly and we had to reset every now and then.
I suspect a DoS attack on the server,
because in our firewall all ports are kept open.

Re: need help

Posted: Fri Jan 10, 2014 10:18 am
by tmcdonald
Well, my first suggestion from a purely security-based viewpoint is to lock down that firewall. It might not solve the issue but it is a good idea nonetheless.

As for the restarting, can you run the following and post the output?

Code:

w
ps -ef | grep nagios
tail -20 /var/log/httpd/access_log
Be sure to edit out any sensitive information.
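
One way to triage a log like the one in the first post, added here as an example and not code from any poster or from Nagios: it parses the display-format timestamps shown above, groups daemon starts that follow each other closely, and lists the services that reached a HARD state with an out-of-range plugin exit code. The function names, the 60-second and 3-start thresholds and the host `web01.example` are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE = re.compile(r"^\[(\d\d-\d\d-\d{4} \d\d:\d\d:\d\d)\] (.*)$")
START = re.compile(r"^Nagios \S+ starting\.\.\. \(PID=(\d+)\)$")
OOB = re.compile(r"Return code of \d+ is out of bounds")
ALERT = "SERVICE ALERT: "

# Constructed sample in the display format of the log above; the host is a placeholder.
SAMPLE = """\
[01-09-2014 16:12:37] Nagios 4.0.2 starting... (PID=9442)
[01-09-2014 16:12:28] Nagios 4.0.2 starting... (PID=9379)
[01-09-2014 16:12:25] Nagios 4.0.2 starting... (PID=9339)
[01-09-2014 10:31:19] Nagios 4.0.2 starting... (PID=27342)
[01-09-2014 06:40:24] SERVICE ALERT: web01.example;SSH;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
[01-09-2014 06:38:24] SERVICE ALERT: web01.example;SSH;CRITICAL;SOFT;2;(Return code of 255 is out of bounds)
[01-09-2014 06:37:33] SERVICE ALERT: web01.example;PING;CRITICAL;HARD;3;(Return code of 255 is out of bounds)
"""

def parse_events(text):
    """Return (timestamp, message) pairs, oldest first; lines without a timestamp are skipped."""
    events = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:
            events.append((datetime.strptime(m.group(1), "%m-%d-%Y %H:%M:%S"), m.group(2)))
    return sorted(events, key=lambda e: e[0])

def restart_bursts(events, window_s=60, min_starts=3):
    """Group daemon starts spaced at most window_s apart; keep groups of min_starts or more."""
    starts = [(ts, int(m.group(1))) for ts, msg in events if (m := START.match(msg))]
    bursts, run = [], []
    for ts, pid in starts:
        if run and ts - run[-1][0] > timedelta(seconds=window_s):
            bursts.append(run)
            run = []
        run.append((ts, pid))
    bursts.append(run)
    return [(r[0][0], r[-1][0], [p for _, p in r]) for r in bursts if len(r) >= min_starts]

def hard_out_of_bounds(events):
    """Map host -> sorted services that went HARD with a plugin exit code outside 0-3."""
    hosts = defaultdict(set)
    for _, msg in events:
        parts = msg[len(ALERT):].split(";", 5) if msg.startswith(ALERT) else []
        if len(parts) == 6 and parts[3] == "HARD" and OOB.search(parts[5]):
            hosts[parts[0]].add(parts[1])
    return {h: sorted(s) for h, s in hosts.items()}
```

The on-disk `nagios.log` stores epoch seconds in the brackets rather than this display format, so `LINE` and the `strptime` call would need adjusting to read that file directly.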