Nagios Support Forum

I am seeing allot of traffic from my nagios XI server in my firewall logs, out to the internet , some the traffic looks to be looks to be Yum update servers. But there is allot of sites it is trying to contact using http. And some, not sure if they are update servers or not.
I'm looking now, where is the config file that contains the update servers, so I can compare to what my firewall is seeing.?

Mike

The config files are located in /etc/yum/, but you should know that CentOS uses a dynamic round-robin sort of system, so you won't actually find all of the servers in those files. Instead, a list of mirrors is fetched online, and then one is chosen to try from that list each time, and a different one tried if the first fails, and so on.

You can see a full list of possible mirrors on http://www.centos.org/modules/tinycontent/index.php?id=30 and can check by specific section using the URL format shown in the "mirrorlist" variable in the config files, for instance http://mirrorlist.centos.org/?release=5.5&arch=i386&repo=contrib

Thanks,
So can I turn the service off so it wont check every few min, since updates come from Nagios.?
Is there a reason this needs to be on and generating network traffic..?

Mike

Every few minutes sounds odd - once a day would be more reasonable. Do you have a Nagios service seeing if there are available updates from yum?

no service. straight nagios xi install... im checking how many times a day it shows in the logs, and will update once i get an idea...

But the copy of the log I had 33 URL's nagios server tried to contact in a 2 second period. and they all look to be update servers.... That seems like allot of requests. We are not blocking out bound traffic, just monitoring and cutting back un-necessary traffic. And if it works the way you were stating i should only see a few http requests....
Or does Cent get a list of mirrors and then does a check to see which ones are active, maybe?

Either way can YUM be disabled until the next xi update.? I know nagios uses Yum to update the OS, but if i am not going to be updating the OS myself and letting Nagios updates do that, then I dont need the server trying to contact the YUM servers daily.?

Am I wrong? Please let me know if this will affect anything with nagios.

Thanks
Mike

I *think* what it does possibly is ping them all, figure out which one is fastest from your location, and then use that for further work, which might explain the behavior you're seeing.
(I'm not entirely sure - I'm more familiar with APT's system.)

You certainly should be able to disable it, with the caveat that you might miss out on finding out about security updates to the OS.