Nagios Support Forum

Good afternoon,

I am trying to monitor an EMC VNX5200 device using the plugin of the following link:

https://exchange.nagios.org/directory/P ... 74/details

Through the interface of Centos 7 I can validate correctly when I execute the commands with the plugin:

check_emc_clariion.pl -H 192.168.5.1 -u readonly -p AStrongPassword -t disk
The array is operating normally

check_emc_clariion.pl -H 192.168.5.1 -u readonly -p AStrongPassword -t faults
80 physical disks are Ok. Hostpares are ready

But in the web interface of nagios it appears with errors as the attachment. Additionally, I have doubts about the definition of the equipment since it has two controllers, each with a different ip (SPA and SPB)

This is content of the file commands.cfg:

define command {
command_name check_emc_clariion
command_line $USER1$/check_emc_clariion.pl -H $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$ $ARG6$ $ARG7$ $ARG8$
}

Grateful for the support,

Regards

How strong is "AStrongPassword" ? Does it contain any special characters like |,$,!, etc.. ? Can you test with ASlightlyWeakerPasswordthat doesn't have any special characters?

Dear cdienger, I have also tried with the credentials by default user and password sysadmin.

Try switching to the nagios user and then running the ocmmands from the ocmmand line:

su - nagios

Also check the permissions on /opt/Navisphere/bin/navicli to verify that the nagios user is able to execute it.

Executing the commands from the user nagios appears:


[nagios@localhost libexec]$ ./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults
Error occurred during HTTP request/response from the target: '192.168.5.1'.

[nagios@localhost libexec]$ ./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults


Unable to validate the identity of the server. There are issues with the certificate presented.
Only import this certificate if you have reason to believe it was sent by a trusted source.
Certificate details:
Subject: CN=192.168.5.1,CN=B-IMAGE,OU=CLARiiON
Issuer: CN=192.168.5.1,CN=B-IMAGE,OU=CLARiiON
Serial#: f0512c00
Valid From: 20141231212225Z
Valid To: 20191230212225Z
Would you like to [1]Accept the certificate for this session, [2] Accept and store, [3] Reject the certificate?
Please input your selection(The default selection is [1]):
The array is operating normally.
[nagios@localhost libexec]$



Also, I do not have the navicli folder ..

[root@localhost libexec]# ll /opt/Navisphere/bin/
total 15212
-rwxrwxr-x 1 root root 562895 feb 26 2016 admsnap
-rwxrwxr-x 1 root root 15002779 feb 26 2016 naviseccli
-rwxr-xr-x 1 root root 3945 feb 26 2016 setlevel_cli.sh
-rw-r--r-- 1 root root 7 oct 17 15:21 setlevel.log

Your first post you show you show a different username and password then the last post, can you verify that they are correct?

Also, try running the command both as nagios and as root:

/opt/Navisphere/bin/naviseccli security -certificate -getLevel

It looks like the problem is that the certificate isn't trusted. You may need to use the naviseccli to add a cert or adjust the level:

/opt/Navisphere/bin/naviseccli security -certificate -setLevel low

Dear tgriep, The user who has access is by default: sysadmin

Dear cdienger: Executing the command as user nagios and root results in a medium level.


But when trying to assign a low level I get

Cannot write into /opt/Navisphere/seccli/CST/certConfig.security/.
Permission denied. Caller not privileged
Cannot write encrypted_user info to the security file

It is not an editable file, how can I assign it the low level ..?

If the command returns Medium for both nagiso and root then I think that setting can be ignored. Try running this instead as nagios:

./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults

and when it prompts:

Would you like to [1]Accept the certificate for this session, [2] Accept and store, [3] Reject the certificate?
Please input your selection(The default selection is [1]):

select option [2] and then again run:

./check_emc_clariion.pl -H 192.168.5.1 -u sysadmin -p sysadmin -t faults

As a nagios user I have returned to execute the command but I get the result the option to add the certificate does not appear

The array is operating normally..

but the option to add certificate does not appear..

as a nagios user I have executed:
Add naviseccli bin directory, which is usually /opt/Navisphere/bin, to your system PATH. For example, add the following
line to ~/.bash_profile & ~/.bashrc and then execute this file to make the setting effective by running source ~/.bash_profile
or source ~/.bashrc.
PATH=$PATH:/opt/Navisphere/bin
export PATH

naviseccli -user usename -password password -h sp_ip -scope 0 -np getagent

get data from my SAN but I can not add the certificate again.