No data

Post by **WillemDH** » Sat Nov 28, 2015 1:24 pm

After implementing ssl on my personal website, the monitoring engine process dashlet and the monitoring engine event queue dashlets on my Nagios server no longer show data. Check out the screenshot:
I have a custom Apache configuration file:

Code: Select all

<VirtualHost *:80>                                                                                                                                                                     
        ServerName  outsideit.net                                                                                                                                                      
        DirectoryIndex index.html index.php                                                                                                                                            
        DocumentRoot /var/www/outsideit.net/public_html                                                                                                                                                                                                                                                                       
        LogLevel warn                                                                                                                                                                  
        ErrorLog  /var/www/outsideit.net/log/error.log                                                                                                                                 
        CustomLog /var/www/outsideit.net/log/access.log combined                                                                                                                       
        <Directory "/usr/local/nagiosxi/html">                                                                                                                                         
                Options None                                                                                                                                                           
                AllowOverride None                                                                                                                                                     
                Order deny,allow                                                                                                                                                       
                Deny from all                                                                                                                                                          
                Allow from xxxxx
                Require all granted                                                                                                                                                    
        #       Redirect permanent / https://outsideit.net/                                                                                                                            
        </Directory>                                                                                                                                                                   
        <Directory "/usr/local/nagios/sbin">                                                                                                                                           
                Options ExecCGI                                                                                                                                                        
                AllowOverride None                                                                                                                                                     
                Order deny,allow                                                                                                                                                       
                Deny from all                                                                                                                                                          
                Allow from xxxxx
                AuthName "Nagios Core"                                                                                                                                                 
                AuthType Basic                                                                                                                                                         
                AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users                                                                                                                    
                Require valid-user                                                                                                                                                     
                Require all denied                                                                                                                                                     
         #       Redirect permanent / https://outsideit.net/                                                                                                                           
        </Directory>                                                                                                                                                                   
        <Directory "/usr/local/nagios/share">                                                                                                                                          
                Options None                                                                                                                                                           
                AllowOverride None                                                                                                                                                     
                Order deny,allow                                                                                                                                                       
                Deny from all                                                                                                                                                          
                Allow from xxxxx
                AuthName "Nagios Core"                                                                                                                                                 
                AuthType Basic                                                                                                                                                         
                AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users                                                                                                                    
                Require valid-user                                                                                                                                                     
                Require all denied                                                                                                                                                     
         #       Redirect permanent / https://outsideit.net/                                                                                                                           
        </Directory>                                                                                                                                                                   
</VirtualHost>  
<VirtualHost *:443>                                                                                                                                                                      
        SSLEngine on                                                                                                                                                                     
        SSLCertificateFile path                                                                                                                                                                                                                                 
        SSLCertificateKeyFile path                                                                                                                                                                                                                         
        SSLCertificateChainFile path                                                                                                          
        Servername outsideit.net                                                                                                                                                         
        DirectoryIndex index.html index.php                                                                                                                                              
        DocumentRoot /var/www/outsideit.net/public_html                                                                                                                                                                                                                                                                         
        SSLProtocol -All +TLSv1.2                                                                                                                                                        
#       SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5                                                                                                                                           
        SSLHonorCipherOrder On                                                                                                                                                           
        SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS                                     
        LogLevel warn                                                                                                                                                                    
        ErrorLog  /var/www/outsideit.net/log/error.log                                                                                                                                   
        CustomLog /var/www/outsideit.net/log/access.log combined                                                                                                                         
        <Directory "/usr/local/nagiosxi/html">                                                                                                                                           
                Options None                                                                                                                                                             
                AllowOverride None                                                                                                                                                       
                Order deny,allow                                                                                                                                                         
                Deny from all                                                                                                                                                            
                Allow from xxxxx
                Require all granted                                                                                                                                                      
        </Directory>                                                                                                                                                                     
        <Directory "/usr/local/nagios/sbin">                                                                                                                                             
                Options ExecCGI                                                                                                                                                          
                AllowOverride None                                                                                                                                                       
                Order deny,allow                                                                                                                                                         
                Deny from all                                                                                                                                                            
                Allow from xxxxx
                AuthName "Nagios Core"                                                                                                                                                   
                AuthType Basic                                                                                                                                                           
                AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users                                                                                                                      
                Require valid-user                                                                                                                                                       
                Require all denied                                                                                                                                                       
        </Directory>                                                                                                                                                                     
        <Directory "/usr/local/nagios/share">
                Options None
                AllowOverride None
                Order deny,allow
                Deny from all
                Allow from xxxxx
                AuthName "Nagios Core"
                AuthType Basic
                AuthUserFile /usr/local/nagiosxi/etc/htpasswd.users
                Require valid-user
                Require all denied
        </Directory>
        <IfModule mod_rewrite.c>
                RewriteEngine On
                RewriteCond %{REQUEST_FILENAME} !-f
                RewriteCond %{REQUEST_FILENAME} !-d
                RewriteRule nagiosxi/api/v1/(.*)$ /usr/local/nagiosxi/html/api/v1/index.php?request=$1 [QSA,NC,L]
        </IfModule>
</VirtualHost>

Alias /nagiosxi "/usr/local/nagiosxi/html"
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
Alias /nagios "/usr/local/nagios/share"

It doesn't work with or without ssl. I know this is a not supported configuration but if I could get some advice how to troubleshoot this, I'm a bit stuck atm. Apart from those two dashlets everyhting seems to be working normally. I don't see any errors in the Apache errorlog, nor in the developer console.

EDIT: The apply configuration is also acting a bit weird. The apply configuration windows just keeps going:

Code: Select all

Waiting for configuration verification........................................................................................................................................................................................................................

but the cmdsubsystem says all is ok and when opening Nagios in another window the new configuration seems to be applied correctly.

Code: Select all

Checking global event handlers...                                                                 
Checking obsessive compulsive processor commands...                                               
Checking misc settings...                                                                         
                                                                                                  
Total Warnings: 50                                                                                
Total Errors:   0                                                                                 
                                                                                                  
Things look okay - No serious problems were detected during the pre-flight check                  
RET: 0                                                                                            
OUTPUT=RET: 0                                                                                     
RETURNCODE=0

Post by **Box293** » Sun Nov 29, 2015 10:31 pm

Admin > System Config > System Settings
What is defined in the "Program URL" and the "External URL" ?

Post by **WillemDH** » Mon Nov 30, 2015 5:11 am

Just followed the 'Configuring SSL with Nagios XI' PDF. Check screenshot. I tried setting them back to

Code: Select all

http://outsideit.net/nagiosxi/

but same issue. Checked error log /var/www/outsideit.net/log/error.log but nothing useful. Maybe I should set it to debug or something.

Also when I try to Force an immediate check it does do the immediate check, but the popup message says:

rkennedy · Post by **rkennedy** » Mon Nov 30, 2015 4:33 pm

Does it work if you alter your configuration in the multiple places that you are explicitly allowing the IPs to allow 127.0.0.1?

Code: Select all

Allow from 127.0.0.1

Just to clarify - is the Nagios server hosted on the same server that hosts your domain outsideit.net?

Post by **WillemDH** » Tue Dec 01, 2015 4:51 am

Yes indeed my test Nagios XI server is installed on the same LAMP stack as my personal website https://outsideit.net

This has worked flawless for almost a year. But since I migrated to https I'm experiencing these problems. The weird thing is that everything still works. It just seems to hang and never end, but when opening another page, the changes are always done as requested. The problem is with http and with https. Also tried updating the system setting with http and with https.

Yes 127.0.0.1 is in the 'allow from'. This is the complete list of ip addresses in all 'allow from' directives:

Code: Select all

Allow from 78.21.36.168 127.0.0.1 ::1 212.71.234.84 2a01:7e00::f03c:91ff:fe18:6141 fe80::f03c:91ff:fe18:6141

78.21.36.168 is the ip of my home pc. This address is updated automatically when I ssh into my server with a Bash script in init.sh.
::1 => inet6 lo
127.0.0.1 => inet lo
212.71.234.84 => eth0 inet
fe80::f03c:91ff:fe18:6141 => eth0 inet6
2a01:7e00::f03c:91ff:fe18:6141 => eth0 inet6

This has worked in the past. I remember having the same issue when I didn't add 127.0.0.1 half a year ago, so this definitely was a good tip Rkennedy. Any other tips?

rkennedy · Post by **rkennedy** » Tue Dec 01, 2015 10:22 am

Just wanted to make sure you weren't running a reverse proxy of some sort leading to NAT issues.

Hmm, is there anything useful in the /var/log/httpd/ssl_error_log or /var/log/httpd/error_log when you try to apply configuration?

Post by **WillemDH** » Tue Dec 01, 2015 12:11 pm

Already checked those.
Changed the log location to:
http:
ErrorLog /var/log/httpd/error_http.log
CustomLog /var/log/httpd/access_http.log combined
https:
ErrorLog /var/log/httpd/error_https.log
CustomLog /var/log/httpd/access_https.log combined
With the current logging level I'm not seeing anything useful. Is there a setting to change the loglevel? Also where is the code for the Monitoring Engine Event Queue located? Maybe I can have a look in the code and some PPHP console logging?

EDIT: Tried playing around with the /var/log/httpd/access_http.log

So I removed all working dashlets from http://outsideit.net/nagiosxi/includes/ ... e-main.php and tailed from http or https:

http:

Code: Select all

78.21.36.168 - - [01/Dec/2015:20:42:19 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:24 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:29 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:34 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:39 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_monitoring_proc_html%22%2C%22args%22%3A%22%22%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 134 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:39 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:44 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:49 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:54 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
78.21.36.168 - - [01/Dec/2015:20:42:59 +0100] "GET /nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb HTTP/1.1" 200 30 "http://outsideit.net/nagiosxi/includes/page-home-main.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"

So there is the get_eventqueue_chart_html for the Monitoring Engine Event Queue and the get_monitoring_stats_html for the Monitoring Engine Process which both don't work. Tried debugging with the devloper browser console too. This enabled me to find the queries which returns no data:

Code: Select all

http://outsideit.net/nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_eventqueue_chart_html%22%2C%22args%22%3A%7B%22container%22%3A%22sysstat_eventqueuechart_eqivia%22%7D%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb

"Error: No output from backend!"

Code: Select all

http://outsideit.net/nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_monitoring_proc_html%22%2C%22args%22%3A%22%22%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb

"Monitoring Engine Process
No data
Last Updated: 2015-12-01 20:48:09"

Do you see anything wrong with these url's? As a reference added a dashlet which does work, such as the Server statistics dashlet:

Code: Select all

http://outsideit.net/nagiosxi/ajaxhelper.php?cmd=getxicoreajax&opts=%7B%22func%22%3A%22get_server_stats_html%22%2C%22args%22%3A%22%22%7D&nsp=acbbb3a75d70af20bd016cbdead6a7eb

The above url works perfect.

Thanks for the help. I'm a bit lost in this.

ssax · Post by **ssax** » Tue Dec 01, 2015 6:04 pm

This is usually related to a misconfiguration in HTTPD, please zip up and PM me your /etc/httpd/conf/httpd.conf, /etc/httpd/conf.d/ssl.conf, and /etc/httpd/conf.d/nagiosxi.conf files.

Post by **WillemDH** » Thu Dec 10, 2015 11:46 am

I'm just posting this to let you know I'm trying to get to the bottom of this. I noticed after updating to 5.2.3 that at the end of the installation log in CLI, I was told to surf to http:///nagiosxi => It seems like Nagios, is not seeing the ServerName directive somehow..

Httpd Config check results in:

Code: Select all

➜  nagiosxi  sudo /usr/sbin/httpd -S
VirtualHost configuration:
*:443                  is a NameVirtualHost
         default server outsideit.net (/etc/httpd/sites-enabled/00.outsideit.net.conf:61)
         port 443 namevhost outsideit.net (/etc/httpd/sites-enabled/00.outsideit.net.conf:61)
         port 443 namevhost outsideit.net (/etc/httpd/sites-enabled/00.outsideit.net.conf:61)
*:80                   is a NameVirtualHost
         default server outsideit.net (/etc/httpd/sites-enabled/00.outsideit.net.conf:16)
         port 80 namevhost outsideit.net (/etc/httpd/sites-enabled/00.outsideit.net.conf:16)
         port 80 namevhost outsideit.net (/etc/httpd/sites-enabled/00.outsideit.net.conf:16)
         port 80 namevhost ghent.outsideit.net (/etc/httpd/sites-enabled/ghent.outsideit.net.conf:4)
         port 80 namevhost ghent.outsideit.net (/etc/httpd/sites-enabled/ghent.outsideit.net.conf:4)
ServerRoot: "/etc/httpd"
Main DocumentRoot: "/var/www"
Main ErrorLog: "/etc/httpd/logs/error_log"
Mutex authdigest-opaque: using_defaults
Mutex proxy-balancer-shm: using_defaults
Mutex rewrite-map: using_defaults
Mutex authdigest-client: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex authn-socache: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/run/httpd/" mechanism=default
Mutex mpm-accept: using_defaults
PidFile: "/run/httpd/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="apache" id=48
Group: name="apache" id=48

Code: Select all

hostnamectl status
   Static hostname: outsideit.net
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 72863e389b584a4dab36fae7f3bffda2
           Boot ID: dd6fa6ab3e5543d9a3ea0b1ad75a77f4
  Operating System: CentOS Linux 7 (Core)
       CPE OS Name: cpe:/o:centos:centos:7
            Kernel: Linux 4.1.5-x86_64-linode61
      Architecture: x86_64

I was trying to find the Nagios XI upgrade log, but couldn't find it. Where could I find the upgrade logfile?

EDIT: Ok I analyzed the install script a bit and found the reason why after the upgrade I was referred to go to http:///nagiosxi

Code: Select all

if [ $ver -eq 7 ]; then                                                                                                   
        ip=$(ip addr | egrep -1 ens[0-9][0-9] | grep -m 1 'inet' | awk '/inet[^6]/{print substr($2,0)}' | sed 's|/.*||')  
else                                                                                                                      
        ip=$(ifconfig | egrep -1 eth[0-9] | grep -m 1 'inet' | awk '/inet[^6]/{print substr($2,6)}')                      
fi

This code is a problem on CentOS 7 servers that still have eth named nics..

Code: Select all

ip addr | egrep -1 ens[0-9][0-9]
zsh: no matches found: ens[0-9][0-9]

A better way to get the ip of a server os independent is:

Code: Select all

ip route get 8.8.8.8 | head -1 | cut -d' ' -f8

As an upgrade needs Internet access, 8.8.8.8 should always be accessible no?

Is it possible that XI is somehow retrieving my ip the same method as in the upgrade script? Could this be the reason I'm having issues with some dashlets etc? Or is this definitely unrelated?

ssax · Post by **ssax** » Thu Dec 10, 2015 6:15 pm

What distro/version of Linux and version of Apache are you running? I'm going to set this up in a lab so I can adjust the configs.

Nagios Support Forum

No data

No data

Re: No data

Re: No data

Re: No data

Re: No data

Re: No data

Re: No data

Re: No data

Re: No data

Re: No data