I have the nagios with two host. one is localhost(10.10.62.5) and another one is
ubuntu(10.10.62.10). i set up nagios monitor on localhost.
host configuration files are below
localhost.cfg:
define host{
use linux-server
host_name localhost
alias localhost
address 10.10.62.5
}
define service{
host_name localhost
service_description WSN_COUNT
is_volatile 1
check_command check-host-alive
max_check_attempts 1
normal_check_interval 1
retry_check_interval 1
active_checks_enabled 0
passive_checks_enabled 1
check_period 24x7
notification_interval 31536000
notification_period 24x7
notification_options w,u,c
notifications_enabled 1
}
ubuntu.cfg:
define host{
use linux-server
host_name ubuntu
alias ubuntu
address 10.10.62.10
}
define service{
host_name localhost
service_description WSN_COUNT
is_volatile 1
check_command check-host-alive
max_check_attempts 1
normal_check_interval 1
retry_check_interval 1
active_checks_enabled 0
passive_checks_enabled 1
check_period 24x7
notification_interval 31536000
notification_period 24x7
notification_options w,u,c
notifications_enabled 1
}
MIBfile:
NAGIOS-TRAP-TEST-MIB DEFINITIONS ::= BEGIN
IMPORTS enterprises FROM SNMPv2-SMI;
nagiostests OBJECT IDENTIFIER ::= { enterprises 0 }
nagiostraps OBJECT IDENTIFIER ::= { nagiostests 1 }
nagiosnotifs OBJECT IDENTIFIER ::= { nagiostests 2 }
WSNcount NOTIFICATION-TYPE
OBJECTS { sysLocation }
STATUS current
DESCRIPTION "SNMPv2c notification"
::= { nagiosnotifs 9 }
END
I used snmptt(net-snmp) to integrate the traps with nagios. configuration files are
snmptt.conf.local:
EVENT WSNcount .1.3.6.1.4.1.0.2.1 "Status Events" Normal
FORMAT SNMPv2c notification $*
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result localhost WSN_COUNT 1 "SNMPv2c notification $*"
SDESC
SNMPv2c notification
Variables:
1: sysLocation
EDESC
snmptt.conf.local:
EVENT WSNcount .1.3.6.1.4.1.0.2.1 "Status Events" Normal
FORMAT SNMPv2c notification $*
EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result ubuntu WSN_COUNT 1 "SNMPv2c notification $*"
SDESC
SNMPv2c notification
Variables:
1: sysLocation
EDESC
When i sending trap from ubuntu(10.10.62.10) machine using following command, trap sending to both hosts in nagios.
snmptrap -v 2c -c private 10.10.62.5 "" NAGIOS-TRAP-TEST-MIB::RFIDcount SNMPv2-MIB::sysLocation.0 s "snmptest trap"
PLEASE help me with send trap to particular host.. how it is possible...
I think you misinterpreted what a SNMP-trap is. A SNMP-trap is a SNMP message sent to your monitoring system/service from a network device such as a router, switch, blade, cluster, ..
I guess the thing you want to do is search the MIB-file for the particular network device you want to monitor and search the OID that matches the information you want the gather from that specific device.
The device you want to monitor through SNMP has to have SNMP enabled in it's configuration (webbased or something..).
You can do a SNMPwalk to this device to see all available OIDs :
snmpwalk -v 2c -c public <ip address network device>
-c stands for 'community' and by default this is 'public', you can edit this in the configuration of your network device.
-v stands for the version of SNMP you want to use.
When you find the OID which provides you the device's information you wore looking for you can do the following command (or put this in a perl or bash script) :
snmpwalk -v 2c -c public <ip address network device> <OID>
When you made this script you can define a command for this script in commands.cfg :
#'check_lefthand' command definition
define command{
command_name check_lefthand
command_line $USER1$/lefthands.pl $ARG1$ $ARG2$
}
You can now use this check_ in your service definitions of Nagios.
Related
Apple removed high-level PPTP support in macOS Sierra from its network configuration system. However, the PPP internals are all still there, including /usr/sbin/pppd and /etc/ppp/.
How can I programmatically initiate a PPTP VPN connection on macOS Sierra / High Sierra using what's left?
Answer:
This method creates a PPTP connection that doesn't send all traffic and doesn't override other DNS providers, meaning it works with multiple simultaneous VPN connections each having different DNS search domains, and closes it in an orderly fashion.
Not sending all traffic requires you to know the VPN subnet beforehand. If you don't, you must send all traffic (see below), since vanilla PPP/LCP has no means to tell the client its subnet (although theoretically the ip-up and ip-down scripts could guess it from the received IP address).
Save this perl as /usr/local/bin/pptp:
#!/usr/bin/env perl
if (#ARGV) {
my $name = $ARGV[0];
if (length $name && -e "/etc/ppp/peers/$name") {
my $pid;
$SIG{"INT"} = "IGNORE";
die "fork: $!" unless defined ($pid = fork);
if ($pid) { # parent
$SIG{"INT"} = sub {
kill HUP => $pid;
};
wait;
exit;
} else { #child
$SIG{"INT"} = "DEFAULT";
exec "pppd", "call", $name;
exit;
}
} else {
print "Error: PPTP name: $name\n";
}
} else {
opendir my $d, "/etc/ppp/peers" or die "Cannot read /etc/ppp/peers";
while (readdir $d) {
print "$_\n" if !($_ eq "." || $_ eq "..");
}
closedir $d;
}
Run it as sudo pptp AcmeOffice, where AcmeOffice is the PPP connection name, and close it with a single Control-C/SIGINT.
In /etc/ppp/peers, create the PPP connection file, in this example /etc/ppp/peers/AcmeOffice:
plugin /System/Library/SystemConfiguration/PPPController.bundle/Contents/PlugIns/PPPDialogs.ppp
plugin PPTP.ppp
noauth
# debug
redialcount 1
redialtimer 5
idle 1800
#mru 1320
mtu 1320
receive-all
novj 0:0
ipcp-accept-local
ipcp-accept-remote
refuse-pap
refuse-chap
#refuse-chap-md5
refuse-eap
hide-password
#noaskpassword
#mppe-stateless
mppe-128
mppe-stateful
require-mppe
passive
looplocal
nodetach
# defaultroute
#replacedefaultroute
# ms-dns 8.8.8.8
# usepeerdns
noipdefault
# logfile /tmp/ppp.AcmeOffice.log
ipparam AcmeOffice
remoteaddress office.acme.com
user misteracme
password acme1234
The last 4 options are connection-specific. Note the password is stored cleartext. chown root:wheel and chmod 600 is recommended. nodetach, ipcp-accept-local, ipcp-accept-remote, noipdefault are critical.
Since we're not becoming/replacing the default route, you must manually change your routing table. Add an AcmeOffice entry to the /etc/ppp/ip-up script:
#!/bin/sh
#params: interface-name tty-device speed local-IP-address remote-IP-address ipparam
PATH=$PATH:/sbin:/usr/sbin
case "$6" in
AcmeOffice)
route -n add -net 192.168.1.0/24 -interface "$1"
;;
AcmeLab)
route -n add -net 192.168.2.0/24 -interface "$1"
;;
AcmeOffshore)
route -n add -net 192.168.3.0/24 -interface "$1"
;;
VPNBook)
;;
*)
;;
esac
and your /etc/ppp/ip-down script:
#!/bin/sh
#params: interface-name tty-device speed local-IP-address remote-IP-address ipparam
PATH=$PATH:/sbin:/usr/sbin
case "$6" in
AcmeOffice)
route -n delete -net 192.168.1.0/24 -interface "$1"
;;
AcmeLab)
route -n delete -net 192.168.2.0/24 -interface "$1"
;;
AcmeOffshore)
route -n delete -net 192.168.3.0/24 -interface "$1"
;;
VPNBook)
;;
*)
;;
esac
If the VPN has a DNS search domain (i.e. somehost.office.acme.com), create a file in /etc/resolver/ named after the DNS suffix, like /etc/resolver/office.acme.com, with contents like:
nameserver 192.168.1.1
domain office.acme.com
Note that this requires knowing the destination domain & nameserver beforehand. Theoretically ip-up & ip-down could create & delete this file on demand.
To send all traffic (& if you don't know the destination subnet), uncomment #defaultroute in the PPP connection file and leave the ip-up & ip-down entries blank (e.g. the VPNBook example). To override your DNS with the VPN's, uncomment usepeerdns.
I need to extract the value of "Manage VLAN" from the below output with regular expressions and store the value inside a variable to be used later in my script.
set switch 100.10.100.100
set Username "test"
set Password "test"
spawn ssh -o StrictHostKeyChecking=no $Username#$switch
expect "*assword: "
send "$Password\r"
expect *>
send "enable\r"
expect "*#"
send "config\r"
expect "(config)#"
send "display something"
The output will be:
status : Connected
IP Address : 2.2.2.2
Mask : 255.255.255.255
Gateway : 2.2.2.1
Manage VLAN : 456
Manage priority : 0
Option60 : No
Switch : Enable
How might I achieve this?
See example:
expect1.1> spawn bash -c "echo vlan : 1234"
spawn bash -c echo vlan : 1234
22902
expect1.2> expect -re {vlan *: *([0-9]+)}
vlan : 1234
expect1.4> set vlanid $expect_out(1,string)
1234
expect1.5> puts $vlanid
1234
expect1.6>
I wrote a simple nagios command to check the change of a value over 1 second
#!/bin/bash
HOSTNAME=$1
COMMUNITY=$2
OID=$3
WAITTIME=1
echo "/usr/lib/nagios/plugins/check_snmp -H $HOSTNAME -C $COMMUNITY -o $OID" > /tmp/csnmp_comand
VAR1=`/usr/lib/nagios/plugins/check_snmp -H $HOSTNAME -C $COMMUNITY -o $OID|cut -d"=" -f2|sed 's/[a-Z]//'`
/bin/sleep $WAITTIME
VAR2=`/usr/lib/nagios/plugins/check_snmp -H $HOSTNAME -C $COMMUNITY -o $OID|cut -d"=" -f2|sed 's/[a-Z]//'`
CHANGED=`/usr/bin/expr $VAR2 - $VAR1`
BPS=`/usr/bin/expr $CHANGED / $WAITTIME`
echo "OK $BPS|bps=$BPS" > /tmp/check_snmptest
echo "OK $BPS|bps=$BPS"
exit 0
And I wrote a service calling this script
define command{
command_name snmp_cps
command_line /usr/lib/nagios/plugins/check_cps '$HOSTADDRESS$' '$_HOSTSNMPCOMMUNITY$' '$ARG1'
}
When I call The script manually ( Even as the nagios user ) I get
OK 233|bps=233
Or something like that, but when I schedule this command it returns null and sets it to critical
Also My host.cfg is
define host{
use generic-host
host_name asa5505.customer.local
alias Options ASA 5505
address asa5505.customer.local
_SNMPCOMMUNITY SetSecurly
}
define service {
use generic-service
host_name asa5505.customer.local
service_description Outside Interface PBS
check_command snmp_cps!1.3.6.1.2.1.2.2.1.10.16
}
With a few changes ( hostname and snmpcommunity )
It was the quotes, I needed to use " instead of '
I faced this issue while configuring hadoop datanode monitoring plugin on centos 6(64-bit). I solved this issue of "nagios status information null" by following the below configuration.
On nrpe client machine
Edit /etc/nagios/nrpe.cfg
command[check_hadoop_datanodes]=/usr/lib64/nagios/plugins/check_hadoop_datanode.pl -H name-node-ip
On Nagios server machine
Edit /etc/nagios/objects/commands.cfg
define command {
command_name check_nrpe
command_line /usr/lib64/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
Edit /etc/nagios/servers/master-hdp.cfg
define service{
use generic-service
host_name master-hdp
service_description check datanodes status
check_command check_nrpe!check_hadoop_datanodes
}
After this restart nagios server
service nagios restart
Any Suggestions regarding this post are appreciable. thank you
Which of the following is the correct format for snmptrap (net-snmp) command?
snmptrap -v 2c -c public host "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification \
netSnmpExampleHeartbeatRate i 123456
or
snmptrap -v 2c -c public host "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification \
netSnmpExampleHeartbeatRate.0 i 123456
i.e., with or without .0 in the variable bindings?
Actually both of these formats work, but which one is right or what is the difference?
It depends if "scalar" or a "table row"-related varbinds are being referred to in the trap.
http://www.net-snmp.org/wiki/index.php/TUT:snmptrap states :
Note that this command also includes an (OID,type,value) triple for
the varbinds listed in the VARIABLES clause (in the same way as with
the snmpset command).
Table row example.
snmptrap -v 2c -c public host:162 .1.3.6.1.6.3.1.1.5.3 .1.3.6.1.6.3.1.1.5.3 \
ifIndex i 2 ifAdminStatus i 1 ifOperStatus i 1
For reference :
snmptranslate -m +ALL -Pu .1.3.6.1.6.3.1.1.5.3
IF-MIB::linkDown
No .0 in the variable bindings since id is taken care of by the ifIndex which pinpoints the row.
Scalar row example.
http://www.net-snmp.org/wiki/index.php/TUT:snmptrap shows example
snmptrap -v 1 -c public host UCD-TRAP-TEST-MIB::demotraps "" 6 17 "" \
SNMPv2-MIB::sysLocation.0 s "Just here"
'SNMPv2-MIB::sysLocation.0' is a scalar.
Unlike IF-MIB::linkDown example above, which was related to a table row id-ed by the ifIndex, here the .0s at the end pinpoints the scalar (like when you SET it)
Netsnmp example from original question
mibs/NET-SNMP-EXAMPLES-MIB.txt states
netSnmpExampleHeartbeatRate OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"A simple integer object, to act as a payload for the
netSnmpExampleHeartbeatNotification. The value has
no real meaning, but is nominally the interval (in
seconds) between successive heartbeat notifications."
::= { netSnmpExampleNotificationObjects 1 }
i.e. it is not a real, identifiable, accessible scalar so I recommend no .0.
guys,i have a problem on using xinetd,the error message is 'xinetd[20126]: execv( /home/fulu/download/mysqlchk_status2.sh ) failed: Exec format error (errno = 8)'
the system operation is : CentOS release 6.2;
i installed the xinetd by the command 'sudo yum install xinetd'
i edited the /etc/services, add my port 6033 for my service named 'mysqlchk'
the service 'mysqlchk' in /etc/xinetd.d/mysqlchk is
service mysqlchk
{
disable = no
flags = REUSE
socket_type = stream
port = 6033
wait = no
user = fulu
server = /home/fulu/download/mysqlchk_status2.sh
log_on_failure += USERID
}
the shell file /home/fulu/download/mysqlchk_status2.sh content is
echo 'test'
6.i can run the command /home/fulu/download/mysqlchk_status2.sh straightly and get the result 'test'
when i telnet 127.0.0.1 6033,i get the output
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Connection closed by foreign host.
then i tail the log file /var/log/messages,it shows
Apr 22 22:01:47 AY1304111122016 xinetd[20001]: START: mysqlchk pid=20126 from=127.0.0.1
Apr 22 22:01:47 AY1304111122016 xinetd[20126]: execv( /home/fulu/download/mysqlchk_status2.sh ) failed: Exec format error (errno = 8)
Apr 22 22:01:47 AY1304111122016 xinetd[20001]: EXIT: mysqlchk status=0 pid=20126 duration=0(sec)
i don't know why,can anybody help me ?
I'm sorry, after questioning it i suddenly found the answer. If you want the shell to be run in other program you need add '#!/bin/echo' at the first line of the shell file (of course the echo can be changed)