centos:web_c7:icinga:config_1

Unterschiede

Hier werden die Unterschiede zwischen zwei Versionen angezeigt.

Link zu dieser Vergleichsansicht

Beide Seiten der vorigen Revision Vorhergehende Überarbeitung
Nächste Überarbeitung		 Vorhergehende Überarbeitung
Nächste ÜberarbeitungBeide Seiten der Revision
centos:web_c7:icinga:config_1 [05.05.2015 18:25. ] – [Bridging] djangocentos:web_c7:icinga:config_1 [05.05.2015 20:19. ] – [Remotehost-Konfiguration] django
Zeile 297: Zeile 297:
  
 ==== SSH ==== ==== SSH ====
 +
 +
 +=== Server-Konfiguration ===
 +   # grep nagios /etc/passwd
 +
 +   nagios:x:996:994::/var/spool/nagios:/bin/bash
 +
 +
 +
 +   # mkdir -m 700 /var/spool/nagios/.ssh
 +
 +   # chown nagios.nagios /var/spool/nagios/.ssh
 +
 +   # ssh-keygen -b 4096 -t rsa -f /var/spool/nagios/.ssh/id_rsa
 +<code>Generating public/private rsa key pair.
 +Enter passphrase (empty for no passphrase): 
 +Enter same passphrase again: 
 +Your identification has been saved in /var/spool/nagios/.ssh/id_rsa.
 +Your public key has been saved in /var/spool/nagios/.ssh/id_rsa.pub.
 +The key fingerprint is:
 +ff:75:f3:09:d1:91:30:c8:14:cc:cc:a4:6e:1f:05:87 root@vml000117.dmz.nausch.org
 +The key's randomart image is:
 ++--[ RSA 4096]----+
 +|          O=++   |
 +|          .Eo o .|
 +|           . o |
 +|        .   . . .|
 +|        So . . . |
 +|        ... . .  |
 +|          .. ....|
 +|           . ...+|
 +|            .  ..|
 ++-----------------+
 +</code>
 +
 +   # chown nagios.nagios /var/spool/nagios/.ssh/*
 +
 +
 +
 +
 +   # yum install nagios-plugins-by_ssh
 +
 +=== Remotehost-Konfiguration ===
 +
 +   # grep nagios /etc/passwd
 +
 +   nagios:x:498:497::/var/spool/nagios:/sbin/nologin
 +
 +
 +   # mkdir -m 700 /var/spool/nagios/.ssh
 +
 +   # chown nagios.nagios /var/spool/nagios/.ssh
 +
 +
 +   # ssh -i /var/spool/nagios/.ssh/id_rsa nagios@10.0.0.50
 +
 +<code> ##############################################################################
 + #                                                                            #
 + #                       This is a private home server.                       #
 + #                                                                            #
 + #             Unauthorized access to this system is prohibited !             #
 + #                                                                            #
 + #    This system is actively monitored and all connections may be logged.    #
 + #         By accessing this system, you consent to this monitoring.          #
 + #                                                                            #
 + ##############################################################################
 +Last login: Tue May  5 20:53:23 2015 from vml000117.dmz.nausch.org
 + ##############################################################################
 + #                                                                            #
 + #                 This is the home server of Michael Nausch.                 #
 + #                                                                            #
 + #                           vml000050.dmz.nausch.org                         #
 + #                                                                            #
 + #             Unauthorized access to this system is prohibited !             #
 + #                                                                            #
 + #    This system is actively monitored and all connections may be logged.    #
 + #         By accessing this system, you consent to this monitoring.          #
 + #                                                                            #
 + ##############################################################################
 +-bash-4.1$
 +</code>
 +
 +   # /usr/lib64/nagios/plugins/check_by_ssh --help
 +<code>check_by_ssh v2.0.1 (nagios-plugins 2.0.1)
 +Copyright (c) 1999 Karl DeBisschop <kdebisschop@users.sourceforge.net>
 +Copyright (c) 2000-2014 Nagios Plugin Development Team
 +        <devel@nagios-plugins.org>
 +
 +This plugin uses SSH to execute commands on a remote host
 +
 +Usage:
 + check_by_ssh -H <host> -C <command> [-fqv] [-1|-2] [-4|-6]
 +       [-S [lines]] [-E [lines]] [-t timeout] [-i identity]
 +       [-l user] [-n name] [-s servicelist] [-O outputfile]
 +       [-p port] [-o ssh-option] [-F configfile]
 +
 +Options:
 + -h, --help
 +    Print detailed help screen
 + -V, --version
 +    Print version information
 + --extra-opts=[section][@file]
 +    Read options from an ini file. See
 +    https://www.nagios-plugins.org/doc/extra-opts.html
 +    for usage and examples.
 + -H, --hostname=ADDRESS
 +    Host name, IP Address, or unix socket (must be an absolute path)
 + -p, --port=INTEGER
 +    Port number (default: none)
 + -4, --use-ipv4
 +    Use IPv4 connection
 + -6, --use-ipv6
 +    Use IPv6 connection
 + -1, --proto1
 +    tell ssh to use Protocol 1 [optional]
 + -2, --proto2
 +    tell ssh to use Protocol 2 [optional]
 + -S, --skip-stdout[=n]
 +    Ignore all or (if specified) first n lines on STDOUT [optional]
 + -E, --skip-stderr[=n]
 +    Ignore all or (if specified) first n lines on STDERR [optional]
 + -f
 +    tells ssh to fork rather than create a tty [optional]. This will always return OK if ssh is executed
 + -C, --command='COMMAND STRING'
 +    command to execute on the remote machine
 + -l, --logname=USERNAME
 +    SSH user name on remote host [optional]
 + -i, --identity=KEYFILE
 +    identity of an authorized key [optional]
 + -O, --output=FILE
 +    external command file for nagios [optional]
 + -s, --services=LIST
 +    list of nagios service names, separated by ':' [optional]
 + -n, --name=NAME
 +    short name of host in nagios configuration [optional]
 + -o, --ssh-option=OPTION
 +    Call ssh with '-o OPTION' (may be used multiple times) [optional]
 + -F, --configfile
 +    Tell ssh to use this configfile [optional]
 + -q, --quiet
 +    Tell ssh to suppress warning and diagnostic messages [optional]
 + -w, --warning=DOUBLE
 +    Response time to result in warning status (seconds)
 + -c, --critical=DOUBLE
 +    Response time to result in critical status (seconds)
 + -t, --timeout=INTEGER
 +    Seconds before connection times out (default: 10)
 + -v, --verbose
 +    Show details for command-line debugging (Nagios may truncate output)
 +
 + The most common mode of use is to refer to a local identity file with
 + the '-i' option. In this mode, the identity pair should have a null
 + passphrase and the public key should be listed in the authorized_keys
 + file of the remote host. Usually the key will be restricted to running
 + only one command on the remote server. If the remote SSH server tracks
 + invocation arguments, the one remote program may be an agent that can
 + execute additional commands as proxy
 +
 + To use passive mode, provide multiple '-C' options, and provide
 + all of -O, -s, and -n options (servicelist order must match '-C'options)
 +
 +Examples:
 + $ check_by_ssh -H localhost -n lh -s c1:c2:c3 -C uptime -C uptime -C uptime -O /tmp/foo
 + $ cat /tmp/foo
 + [1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c1;0; up 2 days
 + [1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c2;0; up 2 days
 + [1080933700] PROCESS_SERVICE_CHECK_RESULT;flint;c3;0; up 2 days
 +
 +Send email to help@nagios-plugins.org if you have questions regarding use
 +of this software. To submit patches or suggest improvements, send email to
 +devel@nagios-plugins.org
 +</code>
 +
 +Auf dem Remote-Host:
 +   # /usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
 +
 +   OK - load average: 0.13, 0.13, 0.09|load1=0.130;15.000;30.000;0; load5=0.130;10.000;25.000;0; load15=0.090;5.000;20.000;0;
 +
 +   # vim /etc/icinga2/conf.d/commands/by_ssh.conf
 +<code>//Django : 2015-05-05
 +object CheckCommand "by_ssh" {
 +  import "plugin-check-command"
 +
 +  command = [ PluginDir + "/check_by_ssh" ]
 +
 +  arguments = {
 +    "-H" = "$by_ssh_host$"
 +    "-p" = "$by_ssh_port$"
 +    "-4" = {
 +             set_if = "$by_ssh_ipv4$"
 +           }
 +    "-6" = {
 +             set_if = "$by_ssh_ipv6$"
 +           }
 +    "-1" = {
 +             set_if = "$by_ssh_version1$"
 +           }
 +    "-2" = {
 +             set_if = "$by_ssh_version2$"
 +           }
 +    "-S" = "$by_ssh_skip_stdout$"
 +    "-E" = "$by_ssh_skip_stderr$"
 +    "-f" = {
 +             set_if = "$by_ssh_fork$"
 +           }
 +    "-C" = "$by_ssh_command$"
 +    "-l" = "$by_ssh_user$"
 +    "-i" = "$by_ssh_keyfile$"
 +    "-O" = "$by_ssh_output$"
 +    "-s" = "$by_ssh_services$"
 +    "-n" = "$by_ssh_name$"
 +    "-o" = "$by_ssh_option$"
 +    "-F" = "$by_ssh_configfile$"
 +    "-q" = {
 +             set_if = "$by_ssh_quiet$"
 +           }
 +    "-w" = "$by_ssh_warn$"
 +    "-c" = "$by_ssh_crit$"
 +    "-t" = "$by_ssh_timeout$"
 +
 +  }
 +}
 +</code>
 +
 +
 +   # vim /etc/icinga2/conf.d/nausch.org/services/by_ssh.conf
 +<file cc+ /etc/icinga2/conf.d/nausch.org/services/by_ssh.conf>
 +// Django: 2015-05-05
 +
 +apply Service for (by_ssh => config in host.vars.by_ssh) {
 +  import "generic-service"
 +
 +  check_command = "by_ssh"
 +  command_endpoint = host.vars.remote_client
 +
 +  vars += config
 +
 +  assign where host.vars.remote_client
 +}
 +</file>
  
 ==== Bridging ==== ==== Bridging ====
  • centos/web_c7/icinga/config_1.txt
  • Zuletzt geändert: 20.04.2018 10:36.
  • von 127.0.0.1