Page 1 of 1
How to find all NRDS clients reporting to the Nagios Server
Posted: Thu Jul 19, 2018 9:03 pm
by yosh
Background:
I have setup quite a few NRDS client machines. They all work well and everything was fine.
Recently someone has cloned one of those machines including its NRDP configs. I dont have any information regarding who has cloned the machine, whats its Domain name or IP, where it is running.
Now the problem is:
This new (cloned) machine is reporting to the Nagios Server with its origins host name and I can see those data in under the reconfigured Objects.
Eg:
Original server called "ABC" and reported to Nagios as "ABC"
The cloned server, lest say its "XYZ" also report as "ABC" to the Nagios NRDS server
I would like to know how can I find which host is actually reporting these data ?
Is there any way that I can find out its IP details ?
Re: How to find all NRDS clients reporting to the Nagios Ser
Posted: Fri Jul 20, 2018 12:18 pm
by scottwilkerson
The best I can think of is to look at the apache logs
Code: Select all
tail -f /var/log/httpd/access_log|grep nrdp|grep submitcheck|grep YOUR_HOST
The you should see the IP of the machines sending the results
Re: How to find all NRDS clients reporting to the Nagios Ser
Posted: Sun Jul 22, 2018 8:28 pm
by yosh
Thanks @scottwilkerson.
But there's no any matching records for "submitcheck" string in access.log
Re: How to find all NRDS clients reporting to the Nagios Ser
Posted: Mon Jul 23, 2018 7:20 am
by scottwilkerson
Then you may have to brint the tail commnad all the way back to this as they are being submitted as posts
Code: Select all
tail -f /var/log/httpd/access_log|grep nrdp
And then you would need to time when the command comes in (likely 5 minutes from the last time one was received)
Re: How to find all NRDS clients reporting to the Nagios Ser
Posted: Mon Jul 23, 2018 8:26 pm
by yosh
Thanks
@scottwilkerson
I tried it as well. There I get only the public IPs of the incoming nrdp requests as my hosts are located overseas and reporting to the Nagios server hosted in a could. (Not a LAN environment)
I reckon it would be a nice to have feature to include the host details inside NRDP messages. Then we can find out which host & from where they are reporting in.
Thanks again for your kind help
@scottwilkerson.
Re: How to find all NRDS clients reporting to the Nagios Ser
Posted: Tue Jul 24, 2018 7:07 am
by scottwilkerson
yosh wrote:I reckon it would be a nice to have feature to include the host details inside NRDP messages. Then we can find out which host & from where they are reporting in.
Ya, it does include the host that you specify when you run setup, but this doesn't help if someone copies a machine that already has the cron setup.
Re: How to find all NRDS clients reporting to the Nagios Ser
Posted: Tue Jul 24, 2018 7:21 pm
by yosh
You are right
@scottwilkerson.
That is the absolute case that Im struggling with at the moment. If these messages can report the host IP then at least we can have an idea of in which site this host might be located in.
Since there's no any other way to find out this host info I hope we can close this thread now.
Thanks for your great help
@scottwilkerson.
Re: How to find all NRDS clients reporting to the Nagios Ser
Posted: Wed Jul 25, 2018 9:02 am
by scottwilkerson
yosh wrote:You are right
@scottwilkerson.
That is the absolute case that Im struggling with at the moment. If these messages can report the host IP then at least we can have an idea of in which site this host might be located in.
Since there's no any other way to find out this host info I hope we can close this thread now.
Thanks for your great help
@scottwilkerson.
Closing