Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Command issue - core and XI different results

https://support.nagios.com/forum/viewtopic.php?t=51959

Page 1 of 2

Command issue - core and XI different results

Posted: Fri Jan 11, 2019 5:37 pm
by jacek
Hi,

I used this plugin:
https://exchange.nagios.org/directory/P ... rt/details

I created the custom command, added the line in sudoers (this plugin uses nmap which requires sudo) according to the XI description.

If I run the command from terminal (starting with sudo -u nagios) - works.
If I click the test command in core - it works as well.
And NagiosXI gives "CRITICAL:" as the result, nothing else.

I got the CRITICAL result in command line when I forgot to "prefix" the command with "sudo", so I suspect that the command from NagiosXI is being run in some other way?

I looked in some basic logs buth with no luck, any ideas how can I track down the issue?

Re: Command issue - core and XI different results

Posted: Mon Jan 14, 2019 3:06 pm
by cdienger
When you say you click on the test command in core, do you mean to core config manager found in XI? Just want to clarify this since I'm not aware of a test command option in actual core.

What does the command look like under Configure > Core Config Manager > Commands > _Commands? Is it prefixed with sudo ?

Finally are there any special characters or spaces found in any of the arguments that are passed to the command? You may need to enclose these in quotation marks.

Re: Command issue - core and XI different results

Posted: Mon Jan 14, 2019 7:08 pm
by jacek
Yes, I meant CCM, sorry for misleading you.

Yes, it's prefixed with sudo:

Code: Select all

sudo $USER1$/check_udp_port -H $HOSTADDRESS$ -p $ARG1$ -s $ARG2$
ARG1 is the port - 500 or 4500, so a number
ARG2 is the service name - isakmp, and so on, without any spacebars or weird characters.

One XI command looks like this:

Code: Select all

check_udp_port!500!isakmp!!!!!!
From CCM when I run the test command it looks like this:

Code: Select all

[nagios@nagiosserver ~]$ sudo /usr/local/nagios/libexec/check_udp_port -H host_address -p 500 -s isakmp
OK: isakmp listening on port 500: 500/udp open|filtered isakmp

Re: Command issue - core and XI different results

Posted: Tue Jan 15, 2019 10:42 am
by lmiltchev
Download the modified plugin below:
check_udp_port_debug.txt
Remove the *.txt extension, and place the plugin in /usr/local/nagios/libexec directory. Run the plugin as root and as nagios user, and show the output:

as root:

Code: Select all

/usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp
as nagios:

Code: Select all

su nagios -c '/usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp'
Also, post the sudoers file.

Re: Command issue - core and XI different results

Posted: Wed Jan 16, 2019 4:10 pm
by jacek
Below all test results, and attached sudoers file.
The 3rd result looks weird, or?

Code: Select all

# /usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp
result:
Starting Nmap 6.47 ( http://nmap.org ) at 2019-01-16 21:00 UTC
Nmap scan report for host_address (host_address)
Host is up.
PORT    STATE         SERVICE
500/udp open|filtered isakmp

Nmap done: 1 IP address (1 host up) scanned in 2.11 seconds
f_result: 500/udp open|filtered isakmp Nmap done
p_result: 500/udp open|filtered isakmp
OK: isakmp listening on port 500: 500/udp open|filtered isakmp

# su nagios -c '/usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp'
You requested a scan type which requires root privileges.
QUITTING!
result:
f_result:
p_result:
CRITICAL:

# su nagios -c 'sudo /usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp'
sudo: no tty present and no askpass program specified

Re: Command issue - core and XI different results

Posted: Wed Jan 16, 2019 5:21 pm
by lmiltchev
You have this line in sudoers:

Code: Select all

NAGIOSXI ALL = NOPASSWD:/usr/local/nagios/libexec/check_udp_port *
Add this one as well:

Code: Select all

NAGIOSXI ALL = NOPASSWD:/usr/local/nagios/libexec/check_udp_port_debug *
as we changed the plugin.

In addition to this, you are missing the following line in sudoers:

Code: Select all

Defaults:nagios !requiretty
Please add it somewhere, e.g. above this line:

Code: Select all

User_Alias      NAGIOSXI=nagios
Save, exit and test your command again. Are you getting the same output when you run the check as root and as the nagios user?

Re: Command issue - core and XI different results

Posted: Wed Jan 16, 2019 7:44 pm
by jacek
Now the last command worked as well, but this still doesnt fix the XI issue.

Code: Select all

# /usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp
result:
Starting Nmap 6.47 ( http://nmap.org ) at 2019-01-17 00:40 UTC
Nmap scan report for host_address (host_address)
Host is up.
PORT    STATE         SERVICE
500/udp open|filtered isakmp

Nmap done: 1 IP address (1 host up) scanned in 2.10 seconds
f_result: 500/udp open|filtered isakmp Nmap done
p_result: 500/udp open|filtered isakmp
OK: isakmp listening on port 500: 500/udp open|filtered isakmp

# su nagios -c '/usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp'
You requested a scan type which requires root privileges.
QUITTING!
result:
f_result:
p_result:
CRITICAL:

# su nagios -c 'sudo /usr/local/nagios/libexec/check_udp_port_debug -H host_address -p 500 -s isakmp'
result:
Starting Nmap 6.47 ( http://nmap.org ) at 2019-01-17 00:41 UTC
Nmap scan report for host_address (host_address)
Host is up.
PORT    STATE         SERVICE
500/udp open|filtered isakmp

Nmap done: 1 IP address (1 host up) scanned in 2.09 seconds
f_result: 500/udp open|filtered isakmp Nmap done
p_result: 500/udp open|filtered isakmp
OK: isakmp listening on port 500: 500/udp open|filtered isakmp
[root@STGNAGIOS01 jacek]#

Re: Command issue - core and XI different results

Posted: Thu Jan 17, 2019 11:22 am
by lmiltchev
Open your "original" plugin in a text editor, and change this line:

Code: Select all

p_result=`echo $f_result | awk '{print $1" "$2" "$3}'`
to this:

Code: Select all

p_result=`echo $f_result | awk '{print $1" "$2" "$3}' | sed 's/[|]/ /'`
This should replace the pipe ("|") in the output (which was creating the issue in the GUI) with a space. Save and exit. Force an immediate check in the GUI to see if this worked.

FYI, I tested this in house. Before the change, my check was failing. After the change, the output is "as expected".
example01.PNG

Re: Command issue - core and XI different results

Posted: Thu Jan 17, 2019 5:36 pm
by jacek
Sadly, this didn't change anything in my XI, still sitting at critical, even after waiting for a while and forcing few checks.
The checks from terminal still work, and from CCM as well.

Re: Command issue - core and XI different results

Posted: Thu Jan 17, 2019 5:42 pm
by lmiltchev
Can you show us a screenshot of the "Service Status Detail" page for this service?

Go to the CCM > Services > <your service> > View Config, and copy/paste the config on the forum.

Run the following commands from the command line, and show the output:

Code: Select all

grep "p_result=" /usr/local/nagios/libexec/check_udp_port
grep 'check_udp_port\|requiretty' /etc/sudoers
All times are UTC-05:00
Page 1 of 2

Powered by phpBB® Forum Software © phpBB Limited