Page 1 of 1
Monitoring devices I can't connect to directly
Posted: Tue May 13, 2014 11:42 pm
by sylvesterc
I need to monitor devices I have no direct access to (in private network, no port forwarding /whatever is allowed from outside).
What is the simplest way to start monitoring such devices with Nagios?
Thank you in advance for explanations.
-- Sylvester
Re: Monitoring devices I can't connect to directly
Posted: Wed May 14, 2014 9:05 am
by tmcdonald
In cases like this you would want to look into passive check results, which is sort of the opposite of active checks. Instead of Nagios checking the host, the host reports back to Nagios.
http://nagios.sourceforge.net/docs/3_0/ ... hecks.html
Re: Monitoring devices I can't connect to directly
Posted: Thu May 15, 2014 5:47 am
by sylvesterc
@tmcdonald, thank you for the link. Indeed, it means using passive checks. However, it also means writing a script every time I need to set up such a monitoring.
I wonder, is it possible to install Nagios within closed network, and instruct it to generate proper command file for outer ("master") Nagios installation?
It could somewhat save time and necessity to re-write the script every time I need change in what I monitor behind the firewall.
-- Sylvester
Re: Monitoring devices I can't connect to directly
Posted: Thu May 15, 2014 8:30 am
by falken
Hi,
You can also use VPN as an option.
I wonder, is it possible to install Nagios within closed network, and instruct it to generate proper command file for outer ("master") Nagios installation?
You can try to use mk_livestatus and export it somewhere (ex. your company ftp) and use this exported status at your main nagios host with thruk or other livestatus frontend.
Cheers.
Re: Monitoring devices I can't connect to directly
Posted: Thu May 15, 2014 4:38 pm
by sreinhardt
Opposed to having an internal core engine generate configs, you should be able to push via nrdp or nrds from the inner protected network out to the main nagios system, in much the same way that passive checks work, with the notable exception that you have a full core available in both places! Take a look at
distributed monitoring.
Re: Monitoring devices I can't connect to directly
Posted: Fri May 16, 2014 8:23 am
by sylvesterc
Thanks for the responses and links. From what I saw, DNX looks the solution most close to what I need.
Re: Monitoring devices I can't connect to directly
Posted: Fri May 16, 2014 9:52 am
by slansing
If going that route I'd highly recommend using Mod_gearman instead of DNX as DNX has been unsupported and undeveloped for years at this point.
Re: Monitoring devices I can't connect to directly
Posted: Sat May 17, 2014 3:56 am
by sylvesterc
slansing wrote:If going that route I'd highly recommend using Mod_gearman instead of DNX as DNX has been unsupported and undeveloped for years at this point.
Looks like a trend - what seemed most convenient goes unsupported. Thank for the recommendation, I'll study it shortly.
-- Sylvester
Re: Monitoring devices I can't connect to directly
Posted: Mon May 19, 2014 9:38 am
by tmcdonald
sylvesterc wrote:slansing wrote:If going that route I'd highly recommend using Mod_gearman instead of DNX as DNX has been unsupported and undeveloped for years at this point.
Looks like a trend - what seemed most convenient goes unsupported. Thank for the recommendation, I'll study it shortly.
-- Sylvester
Yea, unfortunately that's often the case with some open-source projects. We try to keep with the times and if a third-party project like DNX goes without updates we'll naturally start looking for something like mod_gearman to replace it. While convenience may be an issue (gearman can be a bit touchy) I don't think you'll be disappointed once you get the hang of it.