Unable to login with nagiosadmin
Unable to login with nagiosadmin
Recently I had an issue where the Nagios server ran out of disk space. I've since resolved this issue but now I'm having an issue where I cannot login as the nagiosadmin account.
I've run the script "reset_nagiosadmin_password.sh" and have tried multiple passwords but I'm still unable to login. I've searched on the forum and tried a few things such as clearing the transaction logs and some other items but still have not had any success with it.
Anyone have any ideas if there's a different curl command I can try or something else I should be doing? LDAP seems to be broken too so I can't login with LDAP like I used to.
I've run the script "reset_nagiosadmin_password.sh" and have tried multiple passwords but I'm still unable to login. I've searched on the forum and tried a few things such as clearing the transaction logs and some other items but still have not had any success with it.
Anyone have any ideas if there's a different curl command I can try or something else I should be doing? LDAP seems to be broken too so I can't login with LDAP like I used to.
Re: Unable to login with nagiosadmin
Hello @dfsocha
Thanks for reaching out, want to run some 'api' commands to help figure things out.
Let's read the config info on the 'nagiosadmin' which is typically user '1':
Now that you have an 'apikey' that is associated with 'nagiosadmin'; let's list all users:
Run through the password reset via the commands directly from the script for confirmation:
New password:
Verify:
conversion:
Update:
Verify:
API to change/update password:
Results:
Success:
Thanks,
Perry
Thanks for reaching out, want to run some 'api' commands to help figure things out.
Let's read the config info on the 'nagiosadmin' which is typically user '1':
Code: Select all
curl -XGET http://localhost:9200/nagioslogserver/user/1
- *change the user number to list other user info
Make sure that the 'nagiosadmin' "auth_type" is admin and that 'apiaccess' of "1" (which means enabled) and that there is a apikey listed.{"_index":"nagioslogserver","_type":"user","_id":"1","_version":5,"found":true,"_source":{"username":"nagiosadmin","username_lower":"nagiosadmin","name":"Nagios Administrator","password":"280d44ab1e9f79b5cce2dd4f58f5fe91xxxxxx9f7447dffc318ceb79f2d02","auth_type":"admin","email":"root@localhost.com","language":"default","apiaccess":"1","apikey":"2590634e60fxxxxxb9e111990e16b83da22b1bcf","created":"2021-06-14 12:10:14","created_by":0,"default_dashboard":"/dashboard/elasticsearch/AXoLSc8Q5hxpyzbmI-kt"}}
Now that you have an 'apikey' that is associated with 'nagiosadmin'; let's list all users:
Code: Select all
curl -k http://192.168.23.207/nagioslogserver/index.php/api/system/get_users?token=yourtokenhere
New password:
Code: Select all
passhash=$(printf "yournewpasswordhere" | openssl sha256)
Code: Select all
echo $passhash
Code: Select all
passhash=${passhash:9}
Code: Select all
update="{\"doc\":{\"password\":\"$passhash\"}}"
Code: Select all
echo $update
Code: Select all
curl -XPOST http://localhost:9200/nagioslogserver/user/1/_update -d "$update"
Refresh:{"_index":"nagioslogserver","_type":"user","_id":"1","_version":6}
Code: Select all
curl -XPOST http://localhost:9200/nagioslogserver/_refresh
Let us know if you are able to get into the web console to update Active Directory configuration.{"_shards":{"total":2,"successful":2,"failed":0}}
Thanks,
Perry
Re: Unable to login with nagiosadmin
When I do curl -XGET http://localhost:9200/nagioslogserver/user/1, this is the result I get:
Code: Select all
[root@NagiosLogServer ~]# curl -XGET http://localhost:9200/nagioslogserver/user/1
{"_index":"nagioslogserver","_type":"user","_id":"1","found":false}[root@NagiosLogServer ~]#
Re: Unable to login with nagiosadmin
I don't work for nagios, but I had this issue too.
did you move the contents of /usr/local/nagioslogserver/elasticseach/data ?
If you did make sure you move everything in that directory. hope it helps
did you move the contents of /usr/local/nagioslogserver/elasticseach/data ?
If you did make sure you move everything in that directory. hope it helps
Proudly running:
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
NagiosXI 5.4.12 2 node Prod Env 2500 hosts, 13,000 services
Nagiosxi 5.5.7(test env) 2500 hosts, 13,000 services
Nagios Logserver 2 node Prod Env 500 objects sending
Nagios Network Analyser
Nagios Fusion
Re: Unable to login with nagiosadmin
Hello @benhank
Here is the api command to setup nagiosadmin account:
The temp password is: temppassword
To verify:
Here is the api command to setup nagiosadmin account:
Code: Select all
curl -k -XPOST http://localhost:9200/nagioslogserver/user/1 -d '{"_index":"nagioslogserver","_type":"user","_id":"1","_version":6,"found":true,"_source":{"username":"nagiosadmin","username_lower":"nagiosadmin","name":"Nagios Administrator","password":"ecef7b1e64c70decb9786df778d470f7288c02eeb6b95c97dade5b46d768ab50","auth_type":"admin","email":"root@nagios.com","language":"default","apiaccess":"1","apikey":"2590634e60f5b041b9e111990e16b83da22b1bcd","created":"2021-06-14 12:10:14","created_by":0,"default_dashboard":"/dashboard/elasticsearch/AXoLSc8Q5hxpyzbmI-kt"}}'
To verify:
Code: Select all
curl -XGET http://localhost:9200/nagioslogserver/user/1[/user]
Thanks,
Perry
Re: Unable to login with nagiosadmin
Looks like I may have had some extra configs that it may not like and here is the update:
This one creates an account: nagiosadmin3
with password: temppassword
Result example:
Perry
Code: Select all
curl -k -XPOST http://localhost:9200/nagioslogserver/user/3 -d '{"_index":"nagioslogserver","_type":"user","_id":"3","_version":6,"_source":{"username":"nagiosadmin3","username_lower":"nagiosadmin","name":"Nagios Administrator","password":"ecef7b1e64c70decb9786df778d470f7288c02eeb6b95c97dade5b46d768ab50","auth_type":"admin","email":"root@nagios.com","language":"default","apiaccess":"1","apikey":"2590634e60f5b041b9e111990e16b83da22b1bcd"}}'
with password: temppassword
Result example:
Thanks,{"_index":"nagioslogserver","_type":"user","_id":"3","_version":1,"created":true}
Perry
Re: Unable to login with nagiosadmin
Okay I ran that and it says "created:true" but when I try to login with nagiosadmin3 and password of temppassword, it doesn't work and says invalid username/password.
Here's the command I ran and it's output:
Here's the command I ran and it's output:
Code: Select all
[root@NagiosLogServer ~]# curl -k -XPOST http://localhost:9200/nagioslogserver/user/3 -d '{"_index":"nagioslogserver","_type":"user","_id":"3","_version":6,"_source":{"username":"nagiosadmin3","username_lower":"nagiosadmin","name":"Nagios Administrator","password":"ecef7b1e64c70decb9786df778d470f7288c02eeb6b95c97dade5b46d768ab50","auth_type":"admin","email":"root@nagios.com","language":"default","apiaccess":"1","apikey":"2590634e60f5b041b9e111990e16b83da22b1bcd"}}'
{"_index":"nagioslogserver","_type":"user","_id":"3","_version":1,"created":true}[root@NagiosLogServer ~]#
Re: Unable to login with nagiosadmin
Hello @dfsocha
Thanks for the details, next step is to delete the user account and then rebuild.
To rebuild:
Verify:
Verify api works:
This will create a user named "nagiosadmin" with the password "nagiosls".
Let me know how things look,
Perry
Thanks for the details, next step is to delete the user account and then rebuild.
Code: Select all
curl -XDELETE http://localhost:9200/nagioslogserver/user/1
Code: Select all
curl -XPUT 'http://localhost:9200/nagioslogserver/user/2' -d '{"username":"nagiosadmin","password":"c678bcf3b5138b9263a95c44d28097f22c2e02877193d2c25313478821d45c19","auth_type":"admin","email":"user@example.com","language":"default","apiaccess":"1","apikey":"1396e08757545557073844695e5b64caa0bd3ad3","created":"2015-01-23 10:00:00","created_by":0,"default_dashboard":"/dashboard/elasticsearch/default"}'
Code: Select all
curl -XGET http://localhost:9200/nagioslogserver/user/2
Code: Select all
curl -k http://yourhostaddresshere/nagioslogserver/index.php/api/system/get_users?token=theapitokenfoundinpreviouscommand
Let me know how things look,
Perry
Re: Unable to login with nagiosadmin
I ran all those and it said the user was created and the API verified the user was there but using the username nagiosadmin and password of nagiosls still doesn't let me login.
Re: Unable to login with nagiosadmin
Hello @dfsocha
Thanks for following up, and want to gather more info and a System Profile from you so we can see what is going on.
This will create /tmp/logs.tar.gz.
And the System Profile by:
This will create /tmp/system-profile.tar.gz.
Note that this file can be very large and may not be able to be uploaded through the ticketing system. You can split the file into smaller files with the split command on the NLS(or other Linux machine) command line:
The above command will split the system-profile.tar.gz into 45MB segments and save them to files with the naming convention system-profile-nn. Please send each split in a separate [PM] 'Private Message'.
I'd also like to get a copy of the current settings index. This can be gathered by running:
The file it creates and that we'd like to see is /tmp/nagioslogserver.tar.gz.
Please send the following:
Perry
Thanks for following up, and want to gather more info and a System Profile from you so we can see what is going on.
Code: Select all
tar -czvf /tmp/logs.tar.gz /usr/local/nagioslogserver/var/auditlog.log /var/log/httpd/ /var/log/apache2/
And the System Profile by:
Code: Select all
/usr/local/nagioslogserver/scripts/profile.sh
Note that this file can be very large and may not be able to be uploaded through the ticketing system. You can split the file into smaller files with the split command on the NLS(or other Linux machine) command line:
Code: Select all
split -b 45000000 /tmp/system-profile.tar.gz system-profile- -d
I'd also like to get a copy of the current settings index. This can be gathered by running:
Code: Select all
curl -XPOST http://localhost:9200/nagioslogserver/_export?path=/tmp/nagioslogserver.tar.gz
Please send the following:
- /tmp/logs.tar.gz
- /tmp/nagioslogserver.tar.gz
- /tmp/system-profile.tar.gz or the splits depending on size
Perry