Page 1 of 2
Alert if a process IS running, rather than if it isn't
Posted: Thu Aug 13, 2015 9:27 am
by neworderfac33
Good afternoon,
We are trying to adopt a policy where editing tools such as Notepad or Notepad++ are only installed on and run from a local PC to edit files on remote servers, rather than having them installed on each server.
So, I want my alerts to show when a process IS running, rather than when it isn't.
Here's an example from my Windows.cfg - how do I adapt it to send the alerts when Notepad++ IS running instead?
Code: Select all
define service{
use generic-service
#host_name MN2SVWBDT001SD0, MN2SVWBDT001SU0
hostgroup_name windows-servers
service_description Application - Notepad ++
check_command check_nt!PROCSTATE! -d SHOWALL -l Notepad++.exe
}
Thanks in advance
Pete
Re: Alert if a process IS running, rather than if it isn't
Posted: Thu Aug 13, 2015 9:50 am
by tmcdonald
Yo
https://assets.nagios.com/downloads/nag ... ios-XI.pdf
Works for Core too, you just have to edit the config files instead of using the web configuration interface.
Re: Alert if a process IS running, rather than if it isn't
Posted: Thu Aug 13, 2015 10:55 am
by neworderfac33
Good afternoon - thank you for taking the time to reply!
Code: Select all
define service{
use generic-service
#host_name SERVER1, SERVER2
hostgroup_name windows-servers
service_description Application - Notepad ++
check_command check_nt!negate!PROCSTATE! -d SHOWALL -l Notepad++.exe
}
returned: "check_nt: Could not parse arguments" in the browser.
Code: Select all
define service{
use generic-service
#host_name SERVER1, SERVER2
hostgroup_name windows-servers
service_description Application - Notepad
check_command negate!check_nt!PROCSTATE!-d SHOWALL -l Notepad.exe
threw out an error during verify.
Code: Select all
define service{
use generic-service
#host_name SERVER1, SERVER2
hostgroup_name windows-servers
service_description Application - Notepad ++
check_command check_nt!PROCSTATE!negate! -d SHOWALL -l Notepad++.exe
}
returned "No service/process specified" in the browser.
How do I correctly include the negate parameter, please?
Actually, how do I even know whether the negate plugin is installed at all? Is it one that comes with the Nagios Core installation, or does it have to be installed separately?
I'm using Nagios Core within RedHat Enterprise 6.6
Thanks
Pete
Re: Alert if a process IS running, rather than if it isn't
Posted: Thu Aug 13, 2015 12:12 pm
by jolson
The negate parameter must be run in front of the command that you're attempting to run. e.g.
Without Negate:
NRPE v2.15
0
With Negate:
Code: Select all
./negate ./check_nrpe -H 127.0.0.1
Your check command_definition should look like this:
Code: Select all
check_command negate!check_nt!PROCSTATE! -d SHOWALL -l Notepad++.exe
What happens if you run the following from the command line?
Code: Select all
/usr/local/nagios/libexec/negate /usr/local/nagios/libexec/check_nt -H x.x.x.x -p 12489 -v PROCSTATE -d SHOWALL -l Notepad++.exe
Re: Alert if a process IS running, rather than if it isn't
Posted: Fri Aug 14, 2015 3:25 am
by neworderfac33
Good morning,
In answer to your final question, running from the command line returns:
Notepad++.exe: not running
When attempting to verify my windows.cfg, which includes:
Code: Select all
define service{
use generic-service
#host_name MYFIRSTSERVER, MYSECONDSERVER
hostgroup_name windows-servers
service_description Application - Notepad ++
check_command negate!check_nt!PROCSTATE! -d SHOWALL -l notepad++.exe
}
I get:
Error: Service check command 'negate!check_nt!PROCSTATE! -d SHOWALL -l Notepad++.exe' specified in service 'Application - Notepad ++' for host 'MYSERVER1' not defined anywhere!
Error: Service check command 'negate!check_nt!PROCSTATE! -d SHOWALL -l Notepad++.exe' specified in service 'Application - Notepad ++' for host 'MYSERVER2' not defined anywhere!
Not sure if it was worth my while, but I also tried prefixing the negate command with the full path thus:
Code: Select all
check_command /usr/local/nagios/libexec/negate!check_nt!PROCSTATE! -d SHOWALL -l Notepad++.exe
but this didn't work either.
I've gone into the
/usr/local/nagios/libexec folder and confirmed that negate is there:
-rwxr-xr-x 1 nagios nagios 131089 Jul 23 12:16 negate
Thanks
Pete
Re: Alert if a process IS running, rather than if it isn't
Posted: Fri Aug 14, 2015 10:27 am
by neworderfac33
...oh, and by the way, if anyone takes the trouble to reply to this and they don't get a reply, it's because I'll be on leave next week, with no Internet access.
At least, that's what I'll be telling my 12 year old!
Pete
Re: Alert if a process IS running, rather than if it isn't
Posted: Fri Aug 14, 2015 12:08 pm
by hsmith
Pete, a few things.
I am guessing that you have not made a command for negate. I'll walk you through how I did this:
Open up commands.cfg
Code: Select all
vi /usr/local/nagios/etc/commands.cfg
Add a command for negate, this is mine ( you can do it prettier and nicer, this is just a fast one I wrote up trying to catch you before you took off )
Code: Select all
define command {
command_name negate2
command_line $USER1$/negate $USER1$/$ARG1$
}
I chose to do this with one argument for simplicity's sake.
Code: Select all
define service {
host_name my.pc.name
service_description peterooney notepad++ negate test
use generic-service
check_command negate2!/check_nt -H x.x.x.x -p 12489 -s mypassword -v PROCSTATE -d SHOWALL -l "notepad++.exe"!!!!!!!
}
That way, you can just use negate(negate 2 in my case) and whatever you want to call after it. I could have done this a little bit nicer and separated it out into more arguments, but this gets the job done.
Try this out and let me know if it works for you!
Edit: enjoy your vacation-thing!
Re: Alert if a process IS running, rather than if it isn't
Posted: Mon Aug 24, 2015 3:28 am
by neworderfac33
Good morning, and thanks for your reply!
My commands.cfg is in /usr/local/nagios/etc/
objects, which foxed me for a while!
Anyhow, I added this:
Code: Select all
define command {
command_name negatepr
command_line $USER1$/negate $USER1$/$ARG1$
}
and I amended my windows.cfg as follows:
Code: Select all
define service{
use generic-service
#host_name MYFIRSTSERVER, MYSECONDSERVER
hostgroup_name windows-servers
service_description Application - Notepad++ Version 2
check_command negatepr!/check_nt -v PROCSTATE -d SHOWALL -l "Notepad++.exe"!!!!!!!
}
This throws out:
check_nt: You must provide a server address or host name in the browser.
Unfortunately, I don't want to have to specify the server IDs in the service, as in your suggestion, as I prefer to define them all as
windows-servers and refer to that instead,
Could you also explain the significance of the exclamation marks at the end of the command, please? If I'm omitting the port and password parameters, do I only need 5 instead of seven?
Thanks
Pete
Re: Alert if a process IS running, rather than if it isn't
Posted: Mon Aug 24, 2015 10:34 am
by jdalrymple
In a check_command directive of a service definition the ! character separates arguments.
peterooney wrote:Code: Select all
command_line $USER1$/negate $USER1$/$ARG1$
...
Code: Select all
check_command negatepr!/check_nt -v PROCSTATE -d SHOWALL -l "Notepad++.exe"!!!!!!!
Get rid of your leading / - it's redundant
Code: Select all
check_command negatepr!check_nt -v PROCSTATE -d SHOWALL -l "Notepad++.exe"!!!!!!!
peterooney wrote:Unfortunately, I don't want to have to specify the server IDs in the service, as in your suggestion, as I prefer to define them all as windows-servers and refer to that instead,
That's why we have the $HOSTADDRESS$ macro. Just apply your service to whatever host you like and Nagios takes care of the rest.
Code: Select all
check_command negatepr!check_nt -H $HOSTADDRESS$ -v PROCSTATE -d SHOWALL -l "Notepad++.exe"!!!!!!!
Also - I've found check_nt to have mixed reliability when not specifying the port:
Code: Select all
check_command negatepr!check_nt -H $HOSTADDRESS$ -p 12489 -v PROCSTATE -d SHOWALL -l "Notepad++.exe"!!!!!!!
Have a blast.
Re: Alert if a process IS running, rather than if it isn't
Posted: Mon Aug 24, 2015 10:49 am
by neworderfac33
Thanks for your reply!
I must admit, I'm fast losing faith in my ability to ever get this sorted - I've spent the equivalent of four working days (five including today) trying to get one negate command working and I really am coming to the end of my rope.
My post seems to have become corrupted somehow - my final question was what was the significance of all the trailing exclamation marks on the check_command line - Do they need to be there and do I need seven of them - oh, and does notepad++.exe need to be within double quotes? I have followed the previous poster's instructions to the letter, perhaps without totally understanding them.
On the assumption that I have to create negatepr (or equivalent) in commands.cfg, and that there's no way to achieve what I want without doing so, Is there any reason why the following shouldn't work?
COMMANDS.CFG
Code: Select all
define command {
command_name negatepr
command_line $USER1$/negate $USER1$/$ARG1$
}
WINDOWS.CFG
Code: Select all
define host{
use windows-server
host_name FIRSTSERVER
alias Dev-Jenkins
address 88.88.88.88
hostgroups windows-servers
}
define host{
use windows-server
host_name SECONDSERVER
alias UAT-Jenkins
address 99.99.99.99
hostgroups windows-servers
}
define hostgroup{
hostgroup_name windows-servers
alias Jenkins Test Servers
}
define service{
use generic-service
#host_name FIRSTSERVER, SECONDSERVER
hostgroup_name windows-servers
service_description Application - Notepad++ Version 2
check_command negatepr!check_nt -v PROCSTATE -d SHOWALL -l "Notepad++.exe"
}
At the moment, the browser is returning:
Code: Select all
check_nt: You must provide a server address or host name
Thanks for your help.
Pete