Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

how do i monitor Linux User Account Status

https://support.nagios.com/forum/viewtopic.php?t=38804

Page 1 of 2

how do i monitor Linux User Account Status

Posted: Thu Jun 09, 2016 2:43 am
by harsha.s.aryan
hi All,

is there any Way to monitor Linux Users status (Locked/Active, password Exp Etc,.) details using nagios

Regards,
Aryan

Re: how do i monitor Linux User Account Status

Posted: Thu Jun 09, 2016 10:21 am
by hsmith
Try this one out: https://exchange.nagios.org/directory/P ... on/details

Re: how do i monitor Linux User Account Status

Posted: Thu Jun 09, 2016 10:47 am
by harsha.s.aryan
Hi That plugin is really awesome but i am not getting which user is critical

Output is pasting below, please let me know if i have to do any changes.

./check_passwd_expiration
PASSWD_EXPIRATION CRITICAL - , Excluded account(s): [none]

i am not getting the user names which are expired

Re: how do i monitor Linux User Account Status

Posted: Thu Jun 09, 2016 3:17 pm
by lmiltchev
Did you add the following lines to sudoers?

Code: Select all

User_Alias NAGIOS = nagios
NAGIOS ALL = NOPASSWD: /usr/bin/chage -l *
Defaults:NAGIOS !requiretty
Run the following command and show the output:

Code: Select all

chage -l <user with expiring password>
The plugin seems to be working fine for me.

Code: Select all

[root@192 libexec]# chage -l tom
Last password change                                    : Jun 09, 2016
Password expires                                        : Jun 10, 2016
Password inactive                                       : never
Account expires                                         : Jun 10, 2016
Minimum number of days between password change          : 0
Maximum number of days between password change          : 1
Number of days of warning before password expires       : 7

Code: Select all

[root@192 libexec]# ./check_passwod_expiration
PASSWOD_EXPIRATION CRITICAL - Exp < 4j:[tom], Excluded account(s): [none]
The username (tom) is shown.

Re: how do i monitor Linux User Account Status

Posted: Thu Jun 09, 2016 3:50 pm
by harsha.s.aryan
Hi,

Please find the output below

i am using Ubuntu 14.04.3

Code: Select all

root@Nagios:/home/harshas# chage -l harsha
Last password change                                    : password must be changed
Password expires                                        : password must be changed
Password inactive                                       : password must be changed
Account expires                                         : never
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7
root@Nagios:/home/harshas# ./check_passwd_expiration
PASSWD_EXPIRATION CRITICAL - , Excluded account(s): [none]
root@Nagios:/home/harshas#

Re: how do i monitor Linux User Account Status

Posted: Thu Jun 09, 2016 5:03 pm
by lmiltchev
You have:
Account expires : never
What happens if you set your user to expire (for example) in a week?

Code: Select all

chage -E "2016-06-16" harsha
Test the plugin again:

Code: Select all

./check_passwd_expiration

Re: how do i monitor Linux User Account Status

Posted: Thu Jun 09, 2016 10:09 pm
by harsha.s.aryan
Getting same output

Re: how do i monitor Linux User Account Status

Posted: Fri Jun 10, 2016 10:00 am
by rkennedy
Can you show us the full output of this? chage -l harsha

Re: how do i monitor Linux User Account Status

Posted: Fri Jun 10, 2016 12:43 pm
by harsha.s.aryan
Please find the output below

Code: Select all

root@Nagios:~# chage -l harsha
Last password change                                    : password must be changed
Password expires                                        : password must be changed
Password inactive                                       : password must be changed
Account expires                                         : Jun 16, 2016
Minimum number of days between password change          : 0
Maximum number of days between password change          : 99999
Number of days of warning before password expires       : 7

Re: how do i monitor Linux User Account Status

Posted: Fri Jun 10, 2016 1:02 pm
by lmiltchev
Last password change : password must be changed
Password expires : password must be changed
Password inactive : password must be changed
Ask the user to log in and change the password. In comparison, I have:
Last password change : Jun 09, 2016
Password expires : Jun 10, 2016
Password inactive : never
All times are UTC-05:00
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited