Nagios CRITICAL - Socket timeout for check_nt request


Post by DrNox »

Hi!

As said in the title, I am encountering a socket timeout problem (not the 10/30 sec timeout) with my Nagios.

To sum up, I have an Ubuntu 16.04.2 VM on a Windows Server 2008 R2. All is okay on this configuration (I can check all the services I want with NSCP; I installed NSCP-0.5.0.62 on it).
But now I am trying to communicate with another server (Windows Server 2008 R2 too) and I got this message for all my check_nt requests:
CRITICAL - Socket timeout
I have 1 request which works: check_HTTP -> the connection with this server works.
I tried to see if the firewall could be the reason for this error: I disabled it on the 2 Windows servers, but no, it changes nothing.
I put the same password in the 2 nsclient.ini files.
When I try to use the command in the terminal, it gives the same result.
I tried to put -t 30 at the end of the command and I got: connect to address IP_of_my_server and port 12489 : connection refused. (I disabled the firewall too.)

Example of a request I make in sol.cfg (the name of the file for the Windows define service entries):

define service{
    use                      generic-service
    host_name                sol
    service_description      Firewall
    check_command            check_nt!SERVICESTATE!-d SHOWALL -l MpsSvc
    check_period             24x7
    notifications_enabled    1
    notification_interval    0
    notification_period      24x7
    notification_options     w,c,r
    contacts                 nagiosadmin
}


I am really lost as to what I can do to solve this problem :cry: If someone has a solution or something else, it would be really nice.
French Baguette

Post by bolson »

Hello DrNox,
Please confirm that the NSClient++ service is running and that:

port=12489

is in nsclient.ini.

Post by DrNox »

Hi,

Indeed, I forgot the [/settings/NSClient/server], but after the change, I got the same error :/

This is my nsclient.ini:

# If you want to fill this file with all available options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help


; TODO
[/settings/default]

; Undocumented key
password = password

; Undocumented key
allowed hosts = 127.0.0.1,::1,+IP of my VM

; CACHE ALLOWED HOSTS - If host names (DNS entries) should be cached, improves speed and security somewhat but won't allow you to have dynamic IPs for your Nagios server.
cache allowed hosts = 1

; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
timeout = 30


; TODO
[/settings/NSClient/server]

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 0

; PERFORMANCE DATA - Send performance data back to Nagios (set this to 0 to remove all performance data).
performance data = 1

; PORT NUMBER - Port to use for check_nt.
port = 12489

; TODO
[/settings/NRPE/server]

; Undocumented key
verify mode = none

; Undocumented key
insecure = true

; PORT NUMBER - Port to use for NRPE.
port = 5666

; COMMAND ALLOW NASTY META CHARS - This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = 0

; EXTENDED RESPONSE - Send more than 1 return packet to allow response to go beyond payload size (requires modified client if legacy is true this defaults to false).
extended response = 0

; COMMAND ARGUMENT PROCESSING - This option determines whether or not we will allow clients to specify arguments to commands that are executed.
allow arguments = true

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 1


; TODO
[/modules]
Scheduler = 1
; Undocumented key
CheckExternalScripts = 1

; Undocumented key
CheckHelpers = 1

; Undocumented key
NSClientServer = 1

; Undocumented key
CheckNSCP = 1

; Undocumented key
CheckDisk = 1

; Undocumented key
CheckSystem = 1

; Undocumented key
CheckEventLog = 1

; Undocumented key
NSCAClient = 1

; Undocumented key
WEBSErver = 1

; Undocumented key
NRPEServer = 1


; A set of options to configure the real time checks
[/settings/system/windows/real-time]


; Configure which services has to be in which state
[/settings/system/windows/service mapping]


; TODO
[/settings/system/windows/counters/default]


; TODO
[/settings/system/windows/counters]


; TODO
[/settings/log/file]


; TODO
[/settings/log]

; LOG LEVEL - Log level to use. Available levels are error,warning,info,debug,trace
level = info

; DATEMASK - The size of the buffer to use when getting messages; this affects the speed and maximum size of messages you can receive.
date format = %Y-%m-%d %H:%M:%S

; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log


; TODO
[/settings/system/windows]

; DEFAULT LENGTH - Used to define the default interval for range buffer checks (ie. CPU).
default buffer length = 1h


; TODO
[/settings/external scripts/scripts/default]

; IGNORE PERF DATA - Do not parse performance data from the output
ignore perfdata = 0


; A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments>
[/settings/external scripts/scripts]


; A list of wrapped scripts (ie. scripts using a template mechanism). The template used will be defined by the extension of the script.
[/settings/external scripts/wrapped scripts]


; TODO
[/settings/external scripts/alias]


; TODO
[/settings/eventlog/real-time/filters/default]

; EMPTY MESSAGE - The message to display if nothing matches the filter (generally considered the ok state).
empty message = eventlog found no records

; MAXIMUM AGE - How long before reporting "ok". If this is set to "false" no periodic ok messages will be reported only errors.
maximum age = 5m


; A set of filters to use in real-time mode
[/settings/eventlog/real-time/filters]


; TODO
[/settings/external scripts/alias/default]


; TODO
[/settings/shared session]


; TODO
[/settings/crash]

; RESTART SERVICE NAME - The url to submit crash reports to
restart target = NSCP

; CRASH ARCHIVE LOCATION - The folder to archive crash dumps in
archive folder = ${crash-folder}

; RESTART - Submit crash reports to nsclient.org (or your configured submission server)
restart = true

; SUBMISSION URL - The url to submit crash reports to
submit url = https://crash.nsclient.org/post

; ARCHIVE CRASHREPORTS - Archive crash reports in the archive folder
archive = true


; TODO
[/settings/eventlog/real-time]

; STARTUP AGE - The initial age to scan when starting NSClient++
startup age = 30m

; REAL TIME CHECKING - Spawns a background thread which detects issues and reports them back instantly.
enabled = 0

; LOGS TO CHECK - Comma separated list of logs to check
log = application,system

; DEBUG - Log missed records (useful to detect issues with filters) not useful in production as it is a bit of a resource hog.
debug = 0


; TODO
[/settings/NSCA/client/targets/default]

; TIMEOUT - Timeout when reading/writing packets to/from sockets.
timeout = 30

; RETRIES - Number of times to retry sending.
retries = 3

; ENCRYPTION - Name of encryption algorithm to use. Has to be the same as your server is using or it won't work at all. This is also independent of SSL and generally used instead of SSL. Available encryption algorithms are: none = No Encryption (not safe), xor = XOR, des = DES, 3des = DES-EDE3, cast128 = CAST-128, xtea = XTEA, blowfish = Blowfish, twofish = Twofish, rc2 = RC2, aes128 = AES, aes192 = AES, aes = AES, serpent = Serpent, gost = GOST
encryption = aes

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 0


; A set of filters to use in real-time mode
[/settings/system/windows/real-time/checks]


; TODO
[/settings/NSCA/client]

; HOSTNAME - The host name of the monitored computer. Set this to auto (default) to use the windows name of the computer. auto = Hostname, ${host} = Hostname, ${host_lc} = Hostname in lowercase, ${host_uc} = Hostname in uppercase, ${domain} = Domainname, ${domain_lc} = Domainname in lowercase, ${domain_uc} = Domainname in uppercase
hostname = auto

; CHANNEL - The channel to listen to.
channel = NSCA


; TODO
[/settings/external scripts]

; COMMAND TIMEOUT - The maximum time in seconds that a command can execute. (if more than this execution will be aborted). NOTICE this only affects external commands not internal ones.
timeout = 60

; COMMAND ALLOW NASTY META CHARS - This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true

; COMMAND ARGUMENT PROCESSING - This option determines whether or not we will allow clients to specify arguments to commands that are executed.
allow arguments = true


; TODO
[/paths]

; Path for shared-path - 
shared-path = C:\Program Files\NSClient++

; Path for module-path - 
module-path = ${shared-path}/modules

; Path for crash-folder - 
crash-folder = ${shared-path}/crash-dumps

; Path for exe-path - 
exe-path = C:\Program Files\NSClient++

; Path for certificate-path - 
certificate-path = ${shared-path}/security

; Path for base-path - 
base-path = C:\Program Files\NSClient++


; TODO
[/settings/WEB/server]

; PORT NUMBER - Port to use for WEB server.
port = 8443s

; CERTIFICATE - Ssl certificate to use for the ssl server
certificate = ${certificate-path}/certificate.pem


; Files to be included in the configuration
[/includes]


; TODO
[/settings/eventlog]

; LOOKUP NAMES - Lookup the names of eventlog files
lookup names = 1

; BUFFER_SIZE - The size of the buffer to use when getting messages; this affects the speed and maximum size of messages you can receive.
buffer size = 131072

; DEBUG - Log more information when filtering (useful to detect issues with filters) not useful in production as it is a bit of a resource hog.
debug = 0


; TODO
[/settings/external scripts/wrappings]

; BATCH FILE WRAPPING - 
bat = scripts\\%SCRIPT% %ARGS%

; VISUAL BASIC WRAPPING - 
vbs = cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%

; POWERSHELL WRAPPING - 
ps1 = cmd /c echo If (-Not (Test-Path "scripts\%SCRIPT%") ) { Write-Host "UNKNOWN: Script `"%SCRIPT%`" not found."; exit(3) }; scripts\%SCRIPT% $ARGS$; exit($lastexitcode) | powershell.exe /noprofile -command -


; TODO
[/settings/scheduler]

; THREAD COUNT - Number of threads to use.
threads = 5

Post by bolson »

Did you restart nsclient++ after you made the change? As a troubleshooting step, can you make a copy of nsclient.ini and place the standard default nsclient.ini file in the folder, set the allowed host directive and the port directive and restart the service and see if it works?

Post by DrNox »

Hey,

I tried with this nsclient.ini, but I got the same error (and I restarted the service):

# If you want to fill this file with all available options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help


; TODO
[/settings/default]

; Undocumented key
password = mdp

; Undocumented key
allowed hosts = 127.0.0.1,::1,127.0.0.1,::1,+IpOfVM
; CACHE ALLOWED HOSTS - If host names (DNS entries) should be cached, improves speed and security somewhat but won't allow you to have dynamic IPs for your Nagios server.
cache allowed hosts = 1

; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
timeout = 30

; TODO
[NSClient]

allowed_hosts=127.0.0.1,::1,+IpOfVM
port=12489
bind_to_address=
socket_timeout=30


; TODO
[/settings/NSClient/server]

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = 0

; PERFORMANCE DATA - Send performance data back to Nagios (set this to 0 to remove all performance data).
performance data = 1

; PORT NUMBER - Port to use for check_nt.
port = 12489

; TODO
[/settings/NRPE/server]

; Undocumented key
verify mode = none

; Undocumented key
insecure = true


; TODO
[/modules]

; Undocumented key
CheckExternalScripts = 1

; Undocumented key
CheckHelpers = 1

; Undocumented key
CheckEventLog = 1

; Undocumented key
CheckNSCP = 1

; Undocumented key
CheckDisk = 1

; Undocumented key
CheckSystem = 1

; Undocumented key
NRPEServer = 1

Is it possible to try nsclient locally on Windows?
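
The settings the replies above ask about (the check_nt port and allowed hosts), plus the module that opens that listener, can be checked mechanically. The sketch below is an added example, not code from the thread or from NSClient++: the sample config and the address 192.0.2.10 are constructed, and `lint_nsclient` is a hypothetical helper that assumes the server section falls back to [/settings/default] for allowed hosts.

```python
import configparser

# Constructed sample (not a config posted in this thread): NSClientServer is
# missing from [/modules], so nothing would listen on the check_nt port.
SAMPLE_INI = r"""
[/settings/default]
password = example-password
allowed hosts = 127.0.0.1,::1

[/settings/NSClient/server]
port = 12489

[/settings/external scripts]
allow arguments = true
allow nasty characters = true

[/modules]
CheckSystem = 1
NRPEServer = 1
"""

TRUE = ("1", "true", "enabled")

def lint_nsclient(ini_text, nagios_ip, port="12489"):
    """Hypothetical helper: list problems with the check_nt listener settings."""
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   delimiters=("=",), comment_prefixes=(";", "#"))
    cp.read_string(ini_text)
    def get(section, key):
        return cp.get(section, key, fallback="").strip()
    server, ext = "/settings/NSClient/server", "/settings/external scripts"
    findings = []
    if get("/modules", "NSClientServer").lower() not in TRUE:
        findings.append("NSClientServer module not enabled: no check_nt listener")
    if get(server, "port") != port:
        findings.append("check_nt port is not " + port)
    # Assumption: the server section falls back to /settings/default.
    allowed = get(server, "allowed hosts") or get("/settings/default", "allowed hosts")
    # Exact string match only; host names and CIDR ranges are not resolved.
    if nagios_ip not in [h.strip() for h in allowed.split(",")]:
        findings.append(nagios_ip + " missing from allowed hosts")
    if get(ext, "allow arguments").lower() in TRUE and \
       get(ext, "allow nasty characters").lower() in TRUE:
        findings.append("external scripts accept arguments with shell metacharacters")
    return findings

if __name__ == "__main__":
    for finding in lint_nsclient(SAMPLE_INI, "192.0.2.10"):
        print("WARN:", finding)
```

A missing listener module shows up on the Nagios side as a refused connection on the check_nt port, while a missing allowed-hosts entry leaves the port open but the request rejected, so the two findings point at different fixes.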

Post by tacolover101 »

From a command prompt, please run 'netstat -an | findstr 12489' - is NSClient++ listening properly? If so, I think it's a firewall issue.

Post by DrNox »

I got this with your command:
[Attachment: netstat.PNG]

Post by DrNox »

When I run the command on my VM I got this; I don't know why I got port 42682 for my VM. Port 12489 is for my server that I want to monitor:
[Attachment: netstatOnVM.PNG]

Post by DrNox »

I retried the same command afterwards and I got this result:
[Attachment: netstat1.PNG]
and after a few seconds, I retried it and I got another result:
[Attachment: netstat2.PNG]
I don't know what to think ....

Post by scottwilkerson »

DrNox wrote: When I run the command on my VM I got this; I don't know why I got port 42682 for my VM. Port 12489 is for my server that I want to monitor:
Port 42682 is the outbound port; this is totally normal.
Former Nagios employee