Page 1 of 2
Error: Request contained illegal metachars!
Posted: Thu Nov 17, 2016 10:01 am
by nagios_321
People,
I have a check defined in nrpe.conf
Code: Select all
command[proc_myjob]=/usr/lib64/nagios/plugins/check_procs -c 1:1 --ereg-argument-array="^[u]myjob.*--instance Primary --mission myjob"
This works a treat when defined in nrpe.conf on the client, but I want to offload this into NagioXI so the attributes of the check can be changed on users dashboards.
When I define the below in nrpe.conf
Code: Select all
command[check_procs_test]=/usr/lib64/nagios/plugins/check_procs -c $ARG1$ --ereg-argument-array=$ARG2$
Then define the below in the NagiosXI via Config Manager > Service Management:
Code: Select all
check_procs_test -a 1:1 "^[u]myjob.*--instance Primary --mission myjob"
I then run a test check and get the below:
Code: Select all
COMMAND: /usr/local/nagios/libexec/check_nrpe -H myhost -t 30 -c check_procs_test -a 1:1 "\^\[u\]myjob.\*--instance Primary --mission myjob"
OUTPUT: CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
I see the below in messages on the client host:
Code: Select all
Nov 17 14:32:53 myhost nrpe[17877]: Error: Request contained illegal metachars!
Nov 17 14:32:53 myhost nrpe[17877]: Client request was invalid, bailing out...
How do I get my special characters out of nrpe.conf and into XI?
Code: Select all
nrpe-2.15-2.el7.x86_64
XI 5.2.9
check_procs v2.0.3 (nagios-plugins 2.0.3)
Cheers!
Re: Error: Request contained illegal metachars!
Posted: Thu Nov 17, 2016 2:51 pm
by rkennedy
Take a look at your nrpe.cfg file, and change dont_blame_nrpe=0 to dont_blame_nrpe=1 in order to get this working. Then restart nrpe or xinetd. (depending how it's installed) It's due to passing $ARG$ variables rather then hard coding.
Re: Error: Request contained illegal metachars!
Posted: Mon Nov 28, 2016 7:30 am
by nagios_321
Hi,
Thanks for the reply. We already have dont_blame_nrpe=1 in our nrpe.conf and the nrpe service has been restarted.
Any other ideas?
Re: Error: Request contained illegal metachars!
Posted: Mon Nov 28, 2016 4:04 pm
by rkennedy
Is NRPE running standalone, or under xinetd? Please post the configuration files for us to review.
Also, what is the output of netstat -np | grep 5666?
Re: Error: Request contained illegal metachars!
Posted: Tue Nov 29, 2016 9:14 am
by nagios_321
Hi, we are running standalone NRPE installed from Red Hat repos.
Nrpe is below:
Code: Select all
#############################################################################
# Sample NRPE Config File
# Written by: Ethan Galstad ([email protected])
#
# Last Modified: 11-23-2007
#
# NOTES:
# This is a sample configuration file for the NRPE daemon. It needs to be
# located on the remote host that is running the NRPE daemon, not the host
# from which the check_nrpe client is being executed.
#############################################################################
# LOG FACILITY
# The syslog facility that should be used for logging purposes.
log_facility=daemon
# PID FILE
# The name of the file in which the NRPE daemon should write it's process ID
# number. The file is only written if the NRPE daemon is started by the root
# user and is running in standalone mode.
pid_file=/var/run/nrpe/nrpe.pid
# PORT NUMBER
# Port number we should wait for connections on.
# NOTE: This must be a non-priviledged port (i.e. > 1024).
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
server_port=5666
# SERVER ADDRESS
# Address that nrpe should bind to in case there are more than one interface
# and you do not want nrpe to bind on all interfaces.
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
#server_address=127.0.0.1
# NRPE USER
# This determines the effective user that the NRPE daemon should run as.
# You can either supply a username or a UID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_user=nrpe
# NRPE GROUP
# This determines the effective group that the NRPE daemon should run as.
# You can either supply a group name or a GID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_group=nrpe
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon. Network addresses with a bit mask
# (i.e. 192.168.1.0/24) are also supported. Hostname wildcards are not currently
# supported.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
allowed_hosts=127.0.0.1, mynagioshost
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not the NRPE daemon will allow clients
# to specify arguments to commands that are executed. This option only works
# if the daemon was configured with the --enable-command-args configure script
# option.
#
# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
# Read the SECURITY file for information on some of the security implications
# of enabling this variable.
#
# Values: 0=do not allow arguments, 1=allow command arguments
dont_blame_nrpe=1
# BASH COMMAND SUBTITUTION
# This option determines whether or not the NRPE daemon will allow clients
# to specify arguments that contain bash command substitutions of the form
# $(...). This option only works if the daemon was configured with both
# the --enable-command-args and --enable-bash-command-substitution configure
# script options.
#
# *** ENABLING THIS OPTION IS A HIGH SECURITY RISK! ***
# Read the SECURITY file for information on some of the security implications
# of enabling this variable.
#
# Values: 0=do not allow bash command substitutions,
# 1=allow bash command substitutions
allow_bash_command_substitution=0
# COMMAND PREFIX
# This option allows you to prefix all commands with a user-defined string.
# A space is automatically added between the specified prefix string and the
# command line from the command definition.
#
# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
# Usage scenario:
# Execute restricted commmands using sudo. For this to work, you need to add
# the nagios user to your /etc/sudoers. An example entry for alllowing
# execution of the plugins from might be:
#
# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
#
# This lets the nagios user run all commands in that directory (and only them)
# without asking for a password. If you do this, make sure you don't give
# random users write access to that directory or its contents!
# command_prefix=/usr/bin/sudo
# DEBUGGING OPTION
# This option determines whether or not debugging messages are logged to the
# syslog facility.
# Values: 0=debugging off, 1=debugging on
debug=0
# COMMAND TIMEOUT
# This specifies the maximum number of seconds that the NRPE daemon will
# allow plugins to finish executing before killing them off.
command_timeout=60
# CONNECTION TIMEOUT
# This specifies the maximum number of seconds that the NRPE daemon will
# wait for a connection to be established before exiting. This is sometimes
# seen where a network problem stops the SSL being established even though
# all network sessions are connected. This causes the nrpe daemons to
# accumulate, eating system resources. Do not set this too low.
connection_timeout=300
# WEEK RANDOM SEED OPTION
# This directive allows you to use SSL even if your system does not have
# a /dev/random or /dev/urandom (on purpose or because the necessary patches
# were not applied). The random number generator will be seeded from a file
# which is either a file pointed to by the environment valiable $RANDFILE
# or $HOME/.rnd. If neither exists, the pseudo random number generator will
# be initialized and a warning will be issued.
# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness
#allow_weak_random_seed=1
# INCLUDE CONFIG FILE
# This directive allows you to include definitions from an external config file.
#include=<somefile.cfg>
# COMMAND DEFINITIONS
# Command definitions that this daemon will run. Definitions
# are in the following format:
#
# command[<command_name>]=<command_line>
#
# When the daemon receives a request to return the results of <command_name>
# it will execute the command specified by the <command_line> argument.
#
# Unlike Nagios, the command line cannot contain macros - it must be
# typed exactly as it should be executed.
#
# Note: Any plugins that are used in the command lines must reside
# on the machine that this daemon is running on! The examples below
# assume that you have plugins installed in a /usr/local/nagios/libexec
# directory. Also note that you will have to modify the definitions below
# to match the argument format the plugins expect. Remember, these are
# examples only!
# The following examples use hardcoded command arguments...
command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200
command[check_ssh]=/usr/lib64/nagios/plugins/check_ssh localhost
command[proc_myjob]=/usr/lib64/nagios/plugins/check_procs -c 1:1 --ereg-argument-array="^[u]myjob.*--instance Primary --mission myjob"
# The following examples allow user-supplied arguments and can
# only be used if the NRPE daemon was compiled with support for
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'. This poses a potential security risk, so
# make sure you read the SECURITY file before doing this.
#command[check_users]=/usr/lib64/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
command[check_load]=/usr/lib64/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
command[check_procs]=/usr/lib64/nagios/plugins/check_procs -c $ARG1$ -a $ARG2$
command[check_mountpoints.sh]=/usr/lib64/nagios/plugins/check_mountpoints.sh -w $ARG1$
command[check_init_service]=/usr/lib64/nagios/plugins/check_init_service $ARG1$
command[check_mem]=/usr/lib64/nagios/plugins/check_mem -w $ARG1$ -c $ARG2$
command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs_test]=/usr/lib64/nagios/plugins/check_procs -c $ARG1$ --ereg-argument-array=$ARG2$
# INCLUDE CONFIG DIRECTORY
# This directive allows you to include definitions from config files (with a
# .cfg extension) in one or more directories (with recursion).
include_dir=/etc/nrpe.d/
netstat show the below:
Code: Select all
$ netstat -tulp | grep 5666
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 7914/nrpe
tcp6 0 0 [::]:5666 [::]:* LISTEN 7914/nrpe
Cheers!
Re: Error: Request contained illegal metachars!
Posted: Tue Nov 29, 2016 5:53 pm
by tgriep
I think the issue is that you are sending arguments to the NRPE agent but the command is not defined to receive them
Try editing the nrpe.cfg file and change the following from
Code: Select all
command[proc_myjob]=/usr/lib64/nagios/plugins/check_procs -c 1:1 --ereg-argument-array="^[u]myjob.*--instance Primary --mission myjob"
to
Code: Select all
command[proc_myjob]=/usr/lib64/nagios/plugins/check_procs -c $ARG1$ --ereg-argument-array=$ARG2$
Save the file and restart xinetd by running
Then the command should be able to receive arguments and work like you want.
Re: Error: Request contained illegal metachars!
Posted: Thu Dec 22, 2016 2:39 pm
by nagios_321
Thanks for the reply, I am a little closer now.
I added this to my nrpe.conf and restarted nrpe
command[proc_myjob]=/usr/lib64/nagios/plugins/check_procs -c $ARG1$ --ereg-argument-array=$ARG2$
Then this to my check command on the NagiosXI dashboard
Code: Select all
proc_myjob "1:1" "^[u]myjob.*--instance Primary --mission myjob"
Running a 'Test Check Command' gives me the below, which is near where I need to be, but I am expecting to see PROCS CRITICAL: 0. I now see my regex is interpreted, but not with the expected results.
Code: Select all
COMMAND: /usr/local/nagios/libexec/check_nrpe -H myhost -t 30 -c proc_myjob "1:1" "\^\[u\]myjob.\*--instance Primary --mission myjob"
OUTPUT: PROCS CRITICAL: 139 processes | procs=139;;--ereg-argument-array=;0;
To confirm, there is no process running on my test host, so my expected results is:
Code: Select all
PROCS CRITICAL: 0 processes with regex args "^[u]myjob.*--instance Primary --mission myjob"
Thanks,
Re: Error: Request contained illegal metachars!
Posted: Thu Dec 22, 2016 3:39 pm
by tgriep
In your example, it looks like you forgot the -a in the command so it did not send over the arguments to the Agent.
Try this and see if it works.
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H myhost -t 30 -c proc_myjob -a "1:1" "\^\[u\]myjob.\*--instance Primary --mission myjob"
Re: Error: Request contained illegal metachars!
Posted: Thu May 25, 2017 8:26 am
by optionstechnology
The problem here is actually the square brackets
/usr/local/nagios/libexec/check_nrpe -H myhost -t 30 -c proc_myjob -a "1:1" "\^\
[u\
]myjob.\*--instance Primary --mission myjob"
Once I remove them from the command it works fine-
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H myhost -t 30 -c proc_myjob -a "1:1" "\^umyjob.\*--instance Primary --mission myjob"
Code: Select all
PROCS CRITICAL: 0 processes with regex args "^umyjob.*--instance Primary --mission myjob"
The backslash which should escape them does nothing...
Anyone any idea how to properly escape square brackets?
Re: Error: Request contained illegal metachars!
Posted: Thu May 25, 2017 11:43 am
by tgriep
Instead of using double quotes around the arguments, remove all of the escaping and then use single quotes around them.