I need to use logical operators on the passed argument to NRPE as Strings. the operator is also used by NRPE as the FIELD separator. Which is the splat or ! token.
different ways of quoting the passed arg. no affect.
Nagios Command.cfg
define command{
command_name check_remote_container_broker_health
command_line $USER1$/check_jmx4perl $ARG1$ $ARG2$ $ARG3$
}
Nagios Remote Service
define service{
use generic-service
host_name alphprdfuse1i
service_description Container IPRCMT1 Broker Health
check_command check_nrpe!check_remote_container_broker_health!-a '--user iprcmtx --password G00gl3M3 --url http://localhost:9091/jolokia --mbean org.apache.activemq:type=Broker,brokerName=amq,service=Health --attribute CurrentStatus --string --critical '!Good''
}
NRPE server
NRPE.cfg
command[check_remote_container_non_heap_used]=/usr/local/nagios/libexec/check_jmx4perl $ARG1$ $ARG2$
When NRPE evaluates the statement, it should perform as
if return.string NOT EQUAL Good
but, NRPE is seeing this as a Field Delimiter
thank you
Based on this thread my guess would be that exclamation marks cannot be escaped in a check_command, you need to avoid them completely.
One way to do this is to move the exclamation mark somewhere else, like the command definition in the NRPE config.
Another could be to use resources.cfg and define a $USERX macro with a number that Nagios will resolve, which is probably the best thing to do in cases of passwords and such, but maybe not in this situation.
changing the NRPE Server command to:
command[check_remote_container_broker_health]=/usr/local/nagios/libexec/check_jmx4perl $ARG1$ '!$ARG2$'
on Nagios Server
define service{
use generic-service
host_name alphprdfuse1i
service_description Container Delta FADEC Broker Health
check_command check_nrpe!check_remote_container_broker_health!-a "--user deltafadec --password B#dM0nk3y --url http://localhost:9093/jolokia --mbean org.apache.activemq:type=Broker,brokerName=amq,service=Health --attribute CurrentStatus --string --critical" "Good"
}
so to remove the ! from the args being passed to NRPE, and let NRPE command issue the logical NOT or !
thank you !!!
I did try using resources.cfg and adding a $USERn$ definition. this did not work for me.
I did try forming the expression on the NRPE server, to accept special characters. This works. And this is all because we avoid the network security risks by allowing dirty characters and bash shell operators. So, this is the BEST solution. it just takes some time understanding what's going on. If you set the logging high, you can see how the macros break it all down. any hoot, here is my solution for a couple implementations.
I will share 2 examples and situations.
on NRPE server, NRPE.cfg
command[check_remote_container_broker_health]=/usr/local/nagios/libexec/check_jmx4perl $ARG1$ '!$ARG2$'
on Nagios server
define service{
use generic-service
host_name alphprdfuse1i
service_description Container PassThru Context State
check_command check_nrpe!check_remote_container_context_state!-a '--user passthru --password B#dC0mpany --url http://localhost:9090/jolokia --mbean org.apache.karaf:type=admin,name="PassThru MultiTenant" --attribute Instances --path "PassThru MultiTenant"/State --critical' 'Started'
}
on NRPE server, NRPE.cfg
command[check_remote_container_context]=/usr/local/nagios/libexec/check_jmx4perl $ARG1$ $ARG2$ $ARG3$ $ARG4$ '$ARG5$"$ARG6$"' $ARG7$
on Nagios server
define service{
use generic-service
host_name alphprdfuse1i
service_description Container PassThru Context ExchangesCompleted
check_command check_nrpe!check_remote_container_context!-a "--user passthru" "--password B#dC0mpany" "--url http://localhost:9090/jolokia" "--mbean" "org.apache.camel:context=passthrumt1.core-com.ge.digital.passthru.coreCamelContext,type=context,name=" "com.ge.digital.passthru.coreCamelContext" "--attribute ExchangesCompleted"
}
Summary
so, if you do not enable the use of special characters on the NRPE, and the sending of such characters from Nagios server to NRPE system, which is declared as a security risk and if you can to avoid using. so, it just becomes a string manipolation to determine what works. basically, if you have any special characters in the Nagios request to NRPE, you need to break this statement in to several strings without the special characters, and apply the special characters on the NRPE side. NRPE will strip out all these characters on evaluation of message.
Related
I'm writing a bash script, which sets a fixed IP for an interface. I'd set the chosen IP with sudo ip addr change dev eth0 192.168.3.14/24.
For this I'll need to validate the user given CIDR IP and came across this perl command: perl -MNet::CIDR=cidrvalidate -e 'printf("%s\n", cidrvalidate($ARGV[0]) ? "valid" : "invalid")' -- 1.2.3.0/24
Now this would be a great one-liner for the bash script, but it only checks if it is a valid network, not if it's valid client IP on the network.
Bash-only solutions become rather extensive quickly, so I'd be fine to use perl or python for this.
I could not identify the appropriate perl command to check if the user entered a valid client IP (CIDR).
I started implementing a regex check in bash, but that became rather extensive quickly.
This perl command almost does the job perfectly, except it states client IPs on the network are "invalid".
perl -MNet::CIDR=cidrvalidate -e 'printf("%s\n", cidrvalidate($ARGV[0]) ? "valid" : "invalid")' -- 1.2.3.0/24
I'd expect the function to identify valid CIDR client IPs. For example:
127.0.0.1/32 = True
What perl/python/bash function can I use to check if a user define IP (CIDR) is a valid client IP?
edit: I've resorted to using ipcalc:
while true; do
read -p "Enter IP: " ip
ipcalc=`ipcalc ${ip}`
if [[ ${ipcalc} =~ "INVALID" ]]; then
echo "Invalid."
else
break
fi
done
See find in Net::CIDR::Lite.
perl -mNet::CIDR::Lite -E'
my $c = Net::CIDR::Lite->new;
$c->add("209.152.214.112/30");
$c->add("209.152.214.116/31");
$c->add("209.152.214.118/31");
for (qw(209.152.214.111 209.152.214.112)) {
say $c->find($_) ? "$_ valid" : "$_ invalid";
}
'
output
209.152.214.111 invalid
209.152.214.112 valid
Have 2 iex shells running on different servers in EC2 but when I try to connect from one to the other I get this error:
Node.connect :them#ip-172-30-<--snip-->
** (ArithmeticError) bad argument in arithmetic expression
:erlang
It looks like elixir doesn't like that the hostname has dashes in it. How can I change the hostname without breaking the routing between the EC2 instances?
Thanks!
The error was caused by atom literal can not contain dash.
You can try :a-b-c and :"a-b-c" in iex.
So you should use Node.connect :"them#ip-172-30-<--snip-->".
Besides, you can use --name NAME instead of --sname NAME to name a node.
sname option makes and assigns a short name with your hostname.
You can name the node with --name like iex --name "them#thisismyhost.
We have a Nagios server running on Linux and one of the host machine is running on Linux.
When I try to manually run the command to get the information of swap space using SNMP I am getting the output, but it is not reflecting on the dashboard.
Can anybody help me?
For your reference, please find the output from manually running the command.
check_snmp_swap.pl -H IP Address -C public -m -w 80 -c 90
Swap Space: 0%used(26MB/95998MB) /data: 0%used(188MB/129704MB) Real
Memory: 16%used(10263MB/64444MB) /: 62%used(30070MB/48432MB) Memory
Buffers: 0%used(239MB/64444MB) (<80%) : OK
But in dashboard I'm not able to see the status of only Swap space, but I'm able to see the status of CPU and RAM.
Check your service definition for check_snmp_swap. Make sure that the service is registered, meaning you set register 1 in the service definition.
For example:
define service{
host_name check_snmp_swap
service_description check-swap
check_command check_snmp_swap!public!80!90
max_check_attempts 5
check_interval 5
retry_interval 3
check_period 24x7
notification_interval 30
notification_period 24x7
notification_options w,c,r
contact_groups linux-admins
register 1
}
Also check the command definition for check_snmp_swap. Make sure that the correct community string gets passed into the command -- in this case, public.
EDIT:
From the configuration information you posted in the comments, I think you have a bit of confusion regarding service definitions and service template definitions.
It looks like you posted a template - which as a template, really should have it's register value set to 0 to indicate it's a template.
Now a real service definition may inherit some settings from a service template. The purpose of this is to save you from having to re-enter the same information over and over again when you create service definitions.
You can override the settings inherited from the service template by explicitly defining those settings in the service definition.
You should create a service definition that looks something like this:
define service{
host_name check_snmp_swap
use generic-service
service_description check-swap
check_command check_snmp_swap
max_check_attempts 5
check_interval 10
retry_interval 2
check_period 24x7
notification_interval 30
notification_period 24x7
notification_options w,u,c,r
contact_groups admins
register 1
}
Then restart your nagios service:
service nagios restart
This ist my current setup:
Host config:
define host{
use generic-host ; Inherit default values from a template
host_name A+A ; The name we're giving to this host
alias A+A Objektausstattung Router ; A longer name associated with the host
address https://87.139.203.190:444 ; IP address of the host
hostgroups Router ; Host groups this host is associated with
}
Service config:
define service{
use generic-service ; Inherit default values from a template
host_name A+A
service_description HTTP
check_command check_http
}
I´ll get this error from Nagios:
check_icmp: Failed to resolve https://87.139.203.190:444
What am I doing wrong here ?
Nagios tries to resolve to ip-address and port. Try ip-address only.
address https://87.139.203.190 ; IP address of the host
Your host definition should only specify an IP address for the 'address'. The URL is not an attribute of the host, but of the HTTP check your want to perform.
The Service definition specifies the check_command, which is in turn defined in the checkcommands.cfg file. This will specify exactly what command is to be run, possibly using additional parameters passed.
You will probably want to pass the port number as a parameter, and that you are to use HTTPS. How to do this will depend on your settings. For example, you could use this in your checkcommands.cfg:
define command{
command_name check_https
command_line $USER1$/check_http -t 12 -H $HOSTADDRESS$ -f ok --ssl=1 -u "$ARG1$" -p "$ARG2$" -w $ARG3$ -c $ARG4$
}
Then you could configure your service with a checkcommand thus:
check_command check_https!/!444!1!5
This would check for the url http://87.139.203.190:444/, giving a warning if it takes over 1s and a critical if it takes over 5s to complete. TLSv1 would be used (else you might get a false positive on web servers with Poodle protection).
How do I configure rsyslog to write raw IP addresses instead of DNS names in log files for remote hosts?
In Debian, open /etc/defaults/rsyslog and modify:
RSYSLOGD_OPTIONS="-x -Q"
and then:
# service rsyslog restart
See man rsyslogd(8) for other possible options. This doesn't disable DNS names for all remote hosts, only some of them.
I use
fromhost-ip
instead of
hostname or source
fromhost-ip reference the host that send the packet to this rsyslog. It meant that if you have any relay intermediate system, the last one is the IP that you see. If you don't use relay this is a valid solution.
You need to create a new template and apply it on /etc/rsyslog.conf. You should create like these on:
$template myFormat,"%timegenerated% %HOSTNAME% %syslogtag%%msg%\n"
$ActionFileDefaultTemplate myFormat