Page 1 of 3
Monitoring client with public address CRITICAL
Posted: Mon Feb 23, 2015 10:22 am
by ziedmahjoub
Hello,
i have Nagios core 4.0.8 running fine on our IT company to monitor the local computers .
Now i want to monitor distant computers in another company , i have installed the NSClientt++ in a computer like i have done with our local ones , but i got
CRITICAL status
and it says :
Code: Select all
CRITICAL - Socket timeout after 10 seconds
by the way :
the distant company that i want to monitor,all its computers connect to the internet with a single ip address, so i dont know how the nagios core will understand that i want to monitor a specific computer since all computers in the company have the same public address .
any solutions ? thanks
Re: Monitoring client with public address CRITICAL
Posted: Mon Feb 23, 2015 1:06 pm
by tmcdonald
You might need to use something like NRPE to act as a proxy. Essentially you would install NRPE on a machine that is reachable by the public-facing IP, then either define commands for each server with the address hard-coded in, or allow arbitrary commands (somewhat of a security risk) and dynamically assign the IP/address for each service from the Nagios Core server.
http://assets.nagios.com/downloads/nagi ... ios-XI.pdf
http://assets.nagios.com/downloads/nagi ... utions.pdf
Re: Monitoring client with public address CRITICAL
Posted: Mon Feb 23, 2015 1:16 pm
by ziedmahjoub
You might need to use something like NRPE to act as a proxy. Essentially you would install NRPE on a machine that is reachable by the public-facing IP
step by step tmcdonald
, you mean by this that i must install NRPE in the client computer to act like a proxy right ?
but the client is a windows computer !!
Re: Monitoring client with public address CRITICAL
Posted: Mon Feb 23, 2015 1:18 pm
by ziedmahjoub
You mean the distributed method ?
i configure a nagios core there ,then that distant will be like a client to my nagios main server in my IT company ?
Re: Monitoring client with public address CRITICAL
Posted: Mon Feb 23, 2015 3:35 pm
by jdalrymple
ziedmahjoub,
There isn't only 1 way to do this, there are multiple ways. You just have to choose the one that's most proper for your application.
You could handle this the way you describe, adding a Nagios instance then using NRDP
http://exchange.nagios.org/directory/Do ... ew/details or NCSA
http://exchange.nagios.org/directory/Ad ... or/details to send passive checks back to your primary Nagios instance.
Alternatively, less elegantly and less secure you could simply place remote plugin executor such as nsclient++
http://www.nsclient.org/ or ncpa
http://exchange.nagios.org/directory/Ad ... PA/details and then have your Windows box run arbitrary checks in the remote network. That process is described here:
http://nagios.sourceforge.net/docs/3_0/ ... hecks.html
There are 2 different methods with different sub-methods within. Choose the tool that is most proper for you job and let us know if we can help further.
Re: Monitoring client with public address CRITICAL
Posted: Tue Feb 24, 2015 4:56 am
by ziedmahjoub
thanks jdalrymple,
i chose this method, i have a question : NSClient++ can act as an NRPE daemon ?
If its the case i installed NSClient++ in the remote host but the services status are CRITICAL-Socket timeout
Re: Monitoring client with public address CRITICAL
Posted: Tue Feb 24, 2015 10:09 am
by jdalrymple
Have you configured all the firewalls in the path of the data transmission per nsclient++ specifications?
http://www.nsclient.org/nscp/wiki/doc/i ... l#Firewall
Also, you mentioned using check_nrpe, are you certain you're using that transport or do you have it configured for check_nt? That could be the problem also.
http://nsclient.org/nscp/wiki/doc/usage/nagios
Re: Monitoring client with public address CRITICAL
Posted: Tue Feb 24, 2015 11:20 am
by ziedmahjoub
for this i'm sure it's all right i've typed in the command line of the client machine
netstat -a
and i've seen that both 12489 and 5666 ports are open , so i think the firewall of the machine is not blocking them.
For this i didn't understand well what do you mean by " using that transport or do you have it configured for check_nt?"
by the way if this can help you , when i type the
Code: Select all
/usr/local/nagios/libexec$ ./check_nrpe -H <public IP of the host>
CHECK_NRPE : Socket timeout after 10 seconds
its logic i got that output since the <public IP of the host> is the public address of all computers in company.
thanks
Re: Monitoring client with public address CRITICAL
Posted: Tue Feb 24, 2015 11:48 am
by jdalrymple
The netstat command will only tell you if a socket is listening. It cannot tell you if external hosts can penetrate the firewall to attach to those ports. This includes even Windows Firewall, not to mention other firewalls such as one at the border of your network where the actual public IP resides (perhaps this is the Windows box itself, we don't have enough information to know).
As for the transport method, you are listening on both ports, so once we can actually create network communication then we can move forward with making those transports work.
For now, what can you tell us about the network. Does this Windows box reside at that public IP address, or is it behind a firewall with a NAT configured? If the latter, would it be possible to have the administrator of the firewall verify traffic is being properly NATted?
Re: Monitoring client with public address CRITICAL
Posted: Tue Feb 24, 2015 11:59 am
by ziedmahjoub
thanks for the explanation jdalrymple,
For now, what can you tell us about the network. Does this Windows box reside at that public IP address, or is it behind a firewall with a NAT configured? If the latter, would it be possible to have the administrator of the firewall verify traffic is being properly NATted?
for this i will see it and give you a feedback tomorrow .
thanks a lot jdalrymple