NCPA need sudoers?

Posted: Thu Jul 18, 2019 9:59 am
by jenstar13
I'm having problems with Red Hat 7 and the NCPA agent and monitoring rsyslogd.
It seems that only root can check a service in Red Hat 7.
Is NCPA supposed to be running as nagios, or should it be running as root?
And if it's supposed to be nagios, how are you handling sudoers?

thanks again
Jenny

Re: NCPA need sudoers?

Posted: Thu Jul 18, 2019 10:57 am
by lmiltchev
What is the version of the NCPA agent that you installed on the RHEL machine? I installed NCPA 2.1.7 on RHEL 7.7 64-bit, and I can monitor rsyslog just fine. NCPA is running as nagios user.

uid = nagios
gid = nagios
Are you using "rsyslog" or "rsyslogd" in your command? Can you show us the output of the following commands?

On the client (remote machine):

ps -ef | grep rsyslog
On the Nagios XI server:

/usr/local/nagios/libexec/check_ncpa.py -H <client ip> -t '<token>' -P 5693 -M 'services' -q 'service=rsyslog,status=running'
where you substitute <client ip> and <token> with the actual values.

Re: NCPA need sudoers?

Posted: Fri Jul 19, 2019 5:58 am
by jenstar13
I need to get more info from the system engineers. The problem comes from the fact that they made me open the ticket after I fixed the problem 2 months ago by going from a "service" check to a "process" check, and now I can't remember the machines with the problem.

The System engineers said that the NCPA agent is causing a problem in trying to scan a directory owned by root, and I am asking them for the log snippets to give to you.

I'm sorry, when I get a problem I will try to find a workaround in order to keep going, so that's why I forgot which machines had the rsyslog problem.
I will update this when they get back to me.

Re: NCPA need sudoers?

Posted: Fri Jul 19, 2019 10:08 am
by lmiltchev
Sure, let us know what you find out. We will keep the thread open for the time being.

Re: NCPA need sudoers?

Posted: Thu Aug 29, 2019 9:27 am
by jenstar13
Hi,
We found a machine with a problem that stopped when I turned off the NCPA passive and listener.

It looks like NCPA is running the init.d directory and asking for a status of everything in there.
When I turn off NCPA, the status request stops.

The reason we're asking is because of the PowerPath errors:
Aug 25 04:25:47 prdstldb11 PowerPath: MPAPI: Error: Insufficient user privilege

I tried looking in the ncpa.cfg for an "exclude" section so I could have NCPA skip that script, but I did not see anything.
The box is Red Hat Enterprise Linux Server release 5.10 (Tikanga),
and from the api/service the NCPA is "agent_version": "2.0.6".

Re: NCPA need sudoers?

Posted: Thu Aug 29, 2019 10:18 am
by lmiltchev
In this case, I can see only two options:

1. Set NCPA to be running as root in the ncpa.cfg file:

uid = root
gid = root
and restart the ncpa_listener and ncpa_passive services, so that changes can take effect.

2. Don't monitor the services that nagios is not permitted to access. After all, if you want nagios to monitor a metric, it should be given sufficient permissions to do so.

Re: NCPA need sudoers?

Posted: Thu Aug 29, 2019 10:26 am
by jenstar13
Sorry, we are not monitoring all the services in /etc/init.d.
nagios is doing the entire directory, I would like to stop it from doing that.
See the attached text file.

Re: NCPA need sudoers?

Posted: Thu Aug 29, 2019 11:13 am
by lmiltchev
"nagios is doing the entire directory, I would like to stop it from doing that"
There is no way to stop NCPA from doing that... You are using a very old agent that is installed on RHEL 5. RHEL/CentOS 5 are no longer supported. We are not going to be changing how the "old" NCPA works (going 10 versions back). On newer operating systems, e.g. RHEL/CentOS 7, NCPA uses systemctl to obtain the list of services.
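
An added example, not part of the thread and not NCPA's own code: a probe that runs the `status` action of every init script in a directory as the current user and flags the ones that answer with a privilege error, which helps decide which services the nagios account can actually check. It assumes the agent behaves as described in the posts above; the function name, output format and error patterns are assumptions.

```shell
#!/bin/sh
# Added example, not NCPA code. Run as the agent's account, for instance:
#   sudo -u nagios sh probe_init_status.sh /etc/init.d
# The script name, output format and error patterns below are assumptions.

probe_init_status() (
    dir=${1:-/etc/init.d}
    for script in "$dir"/*; do
        # Only regular, executable files are treated as init scripts.
        [ -f "$script" ] || continue
        [ -x "$script" ] || continue
        name=${script##*/}
        # Capture stdout and stderr; keep the exit code without tripping set -e.
        out=$("$script" status 2>&1 </dev/null) && rc=0 || rc=$?
        if printf '%s\n' "$out" |
            grep -qiE 'insufficient.*privilege|permission denied|must be root'; then
            echo "PRIVILEGE $name rc=$rc"
        else
            echo "OK $name rc=$rc"
        fi
    done
)

# Run only when a directory is given, so sourcing the file has no side effects.
if [ "$#" -gt 0 ]; then
    probe_init_status "$1"
fi
```

Each probe makes the init script log exactly as it would under the agent, so run it once and compare the `PRIVILEGE` lines with the syslog entries.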