I'm having difficulties setting up nagios dependencies so I only receive notifications if the host is up (Pingable).
My host cfg file is as follow:
# Configuration file /etc/nagios/adagios/hosts/dp-front.cfg
# Edited by PyNag on Wed Nov 11 16:38:15 2015
define host {
alias Ditmas Park Front Desk
use windows-server
host_name dp-front
address 192.168.200.47
max_check_attempts 2
check_command check-host-alive
check_period workhours
notification_period workhours
}
define service{
use generic-service
host_name dp-front
service_description Medical Records
check_command check_nt!PROCSTATE!-d SHOWALL -l Robocopy.exe
notification_interval 0
max_check_attempts 1
}
define servicedependency{
host_name localhost
service_description PING
dependent_host_name localhost
dependent_service_description PING
execution_failure_criteria c
notification_failure_criteria w,u,c
}
Nagios is monitoring the service correctly and I receive notifications all the time when the service go down. I'm just not sure how to setup the "servicedependency" section of it.
I'd really appreciate your help as always.
Probably you need to setup below perameter in your host configuration file
notification_options d u r
Add to your host template 'windows-server' a notification_option option
https://assets.nagios.com/downloads/nagioscore/docs/nagioscore/3/en/objectdefinitions.html
notification_options: This directive is used to determine when
notifications for the host should be sent out. Valid options are a
combination of one or more of the following: d = send notifications on
a DOWN state, u = send notifications on an UNREACHABLE state, r = send
notifications on recoveries (OK state), f = send notifications when
the host starts and stops flapping, and s = send notifications when
scheduled downtime starts and ends. If you specify n (none) as an
option, no host notifications will be sent out. If you do not specify
any notification options, Nagios will assume that you want
notifications to be sent out for all possible states. Example: If you
specify d,r in this field, notifications will only be sent out when
the host goes DOWN and when it recovers from a DOWN state.
Related
Total noob here learning Network Automation using Ansible with Jinja2.
I need to determine a range command based on the number of switches in a stack, for example, i ask for input in the playbook, something along the lines of "How many switches in your stack?" and based on that answer i would derive the range command and assign it to a variable that i can call in my playbook.
I know what i want it to do, but i just can't for the life of me figure out how to execute it in Ansible, i'm completely aware that below is wrong, but hopefully it should give you an idea of what i am trying to achieve?
vars_prompt;
- name: numberOfSwitches
prompt: 'How many switches in the stack?'
private: no
if {{ number of switches }} == '4' then
numberOfSwitches='gi1/0/1-48,gi2/0/1-48,gi3/0/1-48,gi4/0/1-48'
i can then call this variable in my jinja2 template to configure all access ports on the switch
Sorry again for my noobness :-)
EDIT
Playbook
---
- name: Generate and Deploy Configuration
hosts: switches
gather_facts: false
connection: network_cli
vars_prompt:
- name: hostname
prompt: "What is the hostname?"
private: no
- name: dataVlanID
prompt: "What is the Data Vlan ID?"
private: no
- name: dataVlanName
prompt: "What is the Data Vlan name?"
private: no
- name: voiceVlanID
prompt: "What is the Voice Vlan ID?"
private: no
- name: voiceVlanName
prompt: "What is the Voice Vlan Name?"
private: no
- name: snmpLocation
prompt: "For SNMP, where will this switch be installed?"
private: no
- name: mgmtVlanIP
prompt: "What is the management IP of this switch?"
private: no
vars:
ansible_ssh_user: staging
ansible_ssh_pass: staging
ansible_network_os: ios
enableSecret: cisco2
userName: cisco2
userPassword: cisco2
nameServerOne: 10.50.191.3
nameServerTwo: 10.50.191.131
startSwitch: 1
ntpPrefer: 10.50.191.3
ntpBackup: 10.50.191.131
tasks:
- name: Generate Running Configuration
template:
src="/etc/ansible/jinja2-template/base_with_vars.j2"
dest=/etc/ansible/config/{{ inventory_hostname }}_interface.txt
register: interface
- name: Push Configuration to Device
ios_config:
src: /etc/ansible/config/{{ inventory_hostname }}_interface.txt
notify: Write Memory
when: interface.changed
handlers:
- name: Write Memory
ios_command:
commands: wr
Hosts
[switches]
SW1 ansible_host=10.222.0.131
Jija2 Template
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
service password-encryption
no service dhcp
!
hostname {{hostname}}
!
boot-start-marker
boot-end-marker
!
logging buffered 1000000
enable secret {{enableSecret}}
!
username {{userName}} privilege 15 secret {{userPassword}}
aaa new-model
!
!
aaa authentication login AAA_METHOD_CONSOLE local
aaa authentication login AAA_METHOD_VTY group radius local
aaa authorization commands 0 default if-authenticated
aaa authorization commands 1 default if-authenticated
aaa authorization commands 15 default if-authenticated
!
!
!
!
!
!
aaa session-id common
clock timezone AEST 10 0
!
!
!
!
no ip source-route
ip dhcp bootp ignore
!
!
ip dhcp snooping vlan 1-4094
ip dhcp snooping database flash:dhcp-snooping.db
ip dhcp snooping
ip domain-name rccprd.redland.qld.gov.au
ip name-server {{nameServerOne}}
ip name-server {{nameServerTwo}}
login block-for 120 attempts 3 within 30
login on-failure log
login on-success log
vtp domain {{hostname}}
vtp mode transparent
!
!
!
!
vlan 8
name PRD-RCC-SECURITY
!
vlan 16
name PRD-RCC-PRINTER
!
!
vlan 56
name PRD-RCC-WIFI-AD
!
vlan {{dataVlanID}}
name {{dataVlanName}}
!
vlan {{voiceVlanID}}
name {{voiceVlanName}}
!
vlan 998
name PRD_RCC_DEAD-VLAN
!
vlan 999
name PRD_RCC_NATIVE-VLAN
!
vlan 4000
name MANAGEMENT_VLAN
!
lldp run
!
!
!
!
interface Vlan4000
ip address {{mgmtVlanIP}} 255.255.255.0
no shutdown
!
!
!
!
!
flow record Scrutinizer-Record1
match datalink mac source address input
match datalink mac destination address input
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect transport tcp flags
collect interface input
collect flow sampler
collect counter bytes long
collect counter packets long
collect timestamp sys-uptime first
collect timestamp sys-uptime last
!
!
flow exporter Scrutinizer-Export1
destination 10.50.150.231
source Vlan4000
transport udp 2055
template data timeout 60
option interface-table
option exporter-stats
option sampler-table
!
!
flow monitor Scrutinizer-Monitor1
exporter Scrutinizer-Export1
cache timeout active 60
statistics packet protocol
record Scrutinizer-Record1
!
!
archive
path flash:/Config-Archive/
write-memory
memory reserve critical 4096
memory free low-watermark processor 20
memory free low-watermark IO 20
!
spanning-tree mode mst
spanning-tree extend system-id
!
spanning-tree mst configuration
name RCC-MST
instance 1 vlan 1-4094
!
spanning-tree mst 1 priority 61440
!
!
!
!
!
!
!
!
interface Port-channel1
description LACP to HO HP Core
switchport trunk allowed vlan 1,2,8,16,48,56,121,621,4000
switchport trunk native vlan 999
switchport mode trunk
ip dhcp snooping trust
!
interface range GigabitEthernet{{startSwitch}}/0/1-48
description Client Access Port
switchport access vlan {{dataVlanID}}
switchport voice vlan {{voiceVlanID}}
switchport mode access
switchport port-security maximum 10
switchport port-security violation restrict
switchport port-security aging time 1440
switchport port-security
ip flow monitor Scrutinizer-Monitor1 input
storm-control broadcast level 80.00 50.00
storm-control multicast level 80.00 50.00
storm-control action trap
spanning-tree portfast edge
!
!
ip default-gateway 10.2.0.254
!
no ip http server
no ip http secure-server
!
ip ssh time-out 10
ip ssh source-interface Vlan4000
ip ssh version 2
!
ip access-list standard SNMP-SERVERS
permit 10.50.150.232
permit 10.50.150.231
permit 10.50.150.20
permit 10.50.220.35
permit 10.50.220.28
permit 10.50.220.29
permit 10.50.220.27
deny any log
!
kron occurrence KRON-OCC-0200 at 2:00 recurring
policy-list KRON-POL-SAVE-CONFIG
!
kron occurrence KRON-OCC-0300 at 3:00 recurring
policy-list KRON-POL-SCP-CONFIG
!
kron policy-list KRON-POL-SAVE-CONFIG
cli wr
!
kron policy-list KRON-POL-SCP-CONFIG
cli copy running-config scp://admin:rgrs753jlh#10.50.40.170/{{hostname}}/
!
logging origin-id hostname
logging facility local6
logging source-interface Vlan4000
logging host 10.50.220.63
logging host 10.50.150.20
!
snmp-server group RCC-SNMP-GROUP v3 priv read SNMPv3-RO-VIEW access SNMP-SERVERS
snmp-server view SNMPv3-RO-VIEW internet included
snmp-server trap-source Vlan4000
snmp-server location {{snmpLocation}}
snmp-server contact IT Service Desk (07) 3829 8432
snmp-server chassis-id {{hostname}}
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps config
snmp-server enable traps cpu threshold
snmp-server enable traps vlancreate
snmp-server enable traps vlandelete
snmp-server enable traps envmon fan shutdown supply temperature status
!
!
radius server RADIUS-POOL
address ipv4 10.50.220.62 auth-port 1645 acct-port 1646
key 7 0214325C06045D17790F28352F54260A19060B6F122D0B760631322F2719027E7C5C711A0E4C52480F706A5D5C615F54372D6C0306362C14481801280C6B401F2B
!
banner exec ^CC
#######################################################################
# This computer system is for authorised use only. #
# Users have no explicit or implicit expectation of privacy. #
# Any or all uses of this system and all data on this system may #
# be intercepted, monitored, recorded, copied, audited, inspected, #
# and disclosed to authorised sites and law enforcement personnel, #
# as well as authorised officials of other agencies. #
# By using this system, you consent to such disclosure at the #
# discretion of authorised site personnel. #
# Unauthorised or improper use of this system may result in #
# administrative disciplinary action, civil and criminal penalties. #
# By continuing to use this system you indicate your awareness of #
# and consent to these terms and conditions of use. STOP IMMEDIATELY #
# if you do not agree to the conditions stated in this warning. #
#######################################################################
^C
banner login ^CC
#######################################################################
# This computer system is for authorised use only. #
# Users have no explicit or implicit expectation of privacy. #
# Any or all uses of this system and all data on this system may #
# be intercepted, monitored, recorded, copied, audited, inspected, #
# and disclosed to authorised sites and law enforcement personnel, #
# as well as authorised officials of other agencies. #
# By using this system, you consent to such disclosure at the #
# discretion of authorised site personnel. #
# Unauthorised or improper use of this system may result in #
# administrative disciplinary action, civil and criminal penalties. #
# By continuing to use this system you indicate your awareness of #
# and consent to these terms and conditions of use. STOP IMMEDIATELY #
# if you do not agree to the conditions stated in this warning. #
#######################################################################
^C
configuration mode exclusive
!
line con 0
logging synchronous
login authentication AAA_METHOD_CONSOLE
line vty 0 4
exec-timeout 30 0
privilege level 15
logging synchronous
login authentication AAA_METHOD_VTY
length 0
transport input ssh
line vty 5 15
exec-timeout 30 0
privilege level 15
logging synchronous
login authentication AAA_METHOD_VTY
transport input ssh
!
exception memory ignore overflow processor
exception memory ignore overflow io
ntp source Vlan4000
ntp server {{ntpPrefer}} prefer
ntp server {{ntpBackup}}
!
end
The play below
- hosts: localhost
vars_prompt:
- name: numberOfSwitches
prompt: 'How many switches in the stack?'
private: no
tasks:
- set_fact:
my_switches: "{{ my_switches|default([]) +
[ 'gi' ~ item ~ '/0/1-48' ] }}"
loop: "{{ range(1, numberOfSwitches|int + 1, 1)|list }}"
- template:
src: my_switches.j2
dest: /tmp/my_switches.conf
with this template
$ cat my_switches.j2
{{ my_switches|join(", ") }}
gives
$ cat /tmp/my_switches.conf
gi1/0/1-48, gi2/0/1-48, gi3/0/1-48, gi4/0/1-48
We have a Nagios server running on Linux and one of the host machine is running on Linux.
When I try to manually run the command to get the information of swap space using SNMP I am getting the output, but it is not reflecting on the dashboard.
Can anybody help me?
For your reference, please find the output from manually running the command.
check_snmp_swap.pl -H IP Address -C public -m -w 80 -c 90
Swap Space: 0%used(26MB/95998MB) /data: 0%used(188MB/129704MB) Real
Memory: 16%used(10263MB/64444MB) /: 62%used(30070MB/48432MB) Memory
Buffers: 0%used(239MB/64444MB) (<80%) : OK
But in dashboard I'm not able to see the status of only Swap space, but I'm able to see the status of CPU and RAM.
Check your service definition for check_snmp_swap. Make sure that the service is registered, meaning you set register 1 in the service definition.
For example:
define service{
host_name check_snmp_swap
service_description check-swap
check_command check_snmp_swap!public!80!90
max_check_attempts 5
check_interval 5
retry_interval 3
check_period 24x7
notification_interval 30
notification_period 24x7
notification_options w,c,r
contact_groups linux-admins
register 1
}
Also check the command definition for check_snmp_swap. Make sure that the correct community string gets passed into the command -- in this case, public.
EDIT:
From the configuration information you posted in the comments, I think you have a bit of confusion regarding service definitions and service template definitions.
It looks like you posted a template - which as a template, really should have it's register value set to 0 to indicate it's a template.
Now a real service definition may inherit some settings from a service template. The purpose of this is to save you from having to re-enter the same information over and over again when you create service definitions.
You can override the settings inherited from the service template by explicitly defining those settings in the service definition.
You should create a service definition that looks something like this:
define service{
host_name check_snmp_swap
use generic-service
service_description check-swap
check_command check_snmp_swap
max_check_attempts 5
check_interval 10
retry_interval 2
check_period 24x7
notification_interval 30
notification_period 24x7
notification_options w,u,c,r
contact_groups admins
register 1
}
Then restart your nagios service:
service nagios restart
This ist my current setup:
Host config:
define host{
use generic-host ; Inherit default values from a template
host_name A+A ; The name we're giving to this host
alias A+A Objektausstattung Router ; A longer name associated with the host
address https://87.139.203.190:444 ; IP address of the host
hostgroups Router ; Host groups this host is associated with
}
Service config:
define service{
use generic-service ; Inherit default values from a template
host_name A+A
service_description HTTP
check_command check_http
}
I´ll get this error from Nagios:
check_icmp: Failed to resolve https://87.139.203.190:444
What am I doing wrong here ?
Nagios tries to resolve to ip-address and port. Try ip-address only.
address https://87.139.203.190 ; IP address of the host
Your host definition should only specify an IP address for the 'address'. The URL is not an attribute of the host, but of the HTTP check your want to perform.
The Service definition specifies the check_command, which is in turn defined in the checkcommands.cfg file. This will specify exactly what command is to be run, possibly using additional parameters passed.
You will probably want to pass the port number as a parameter, and that you are to use HTTPS. How to do this will depend on your settings. For example, you could use this in your checkcommands.cfg:
define command{
command_name check_https
command_line $USER1$/check_http -t 12 -H $HOSTADDRESS$ -f ok --ssl=1 -u "$ARG1$" -p "$ARG2$" -w $ARG3$ -c $ARG4$
}
Then you could configure your service with a checkcommand thus:
check_command check_https!/!444!1!5
This would check for the url http://87.139.203.190:444/, giving a warning if it takes over 1s and a critical if it takes over 5s to complete. TLSv1 would be used (else you might get a false positive on web servers with Poodle protection).
How do I configure rsyslog to write raw IP addresses instead of DNS names in log files for remote hosts?
In Debian, open /etc/defaults/rsyslog and modify:
RSYSLOGD_OPTIONS="-x -Q"
and then:
# service rsyslog restart
See man rsyslogd(8) for other possible options. This doesn't disable DNS names for all remote hosts, only some of them.
I use
fromhost-ip
instead of
hostname or source
fromhost-ip reference the host that send the packet to this rsyslog. It meant that if you have any relay intermediate system, the last one is the IP that you see. If you don't use relay this is a valid solution.
You need to create a new template and apply it on /etc/rsyslog.conf. You should create like these on:
$template myFormat,"%timegenerated% %HOSTNAME% %syslogtag%%msg%\n"
$ActionFileDefaultTemplate myFormat
I am switching DNS servers and I'd like to write a short ruby script that runs every 10s and triggers a local Mac OS X system notification as soon as my website resolves to a different IP.
Using terminal-notifier sending a system notification is as easy as this
terminal-notifier -message "DNS Changed"
I'd like to trigger it as soon as the output of
ping -i 10 mywebsite.com
... changes or simply does not contain a defined IP string anymore.
> 64 bytes from 12.34.56.789: icmp_seq=33 ttl=41 time=241.564 ms
in this case "12.34.56.789".
How do I monitor the change of the output string of the ping -i 10 mywebsite.com and call the notification function once a change has been detected?
I thought this might be a nice practice while waiting for the DNS to be updated.
Try this:
IP = "12.34.56.789"
p = IO.popen("ping -i 10 mywebsite.com")
p.each_line do |l|
if(! l =~ /from #{IP}/) #The IP has changed
system("terminal-notifier -message \"DNS Changed\"")
end
end