TO BE COMPLETED

I am using Nagios to remotely monitor my servers. Nagios is an Open Source infrastructure allowing a single server to monitor a bunch of disparate servers and computers remotely. For basic monitoring, like checking network connection, server services, etc, there is no need to install any software on the client PCs. If you need more data, there are special services that can be installed on each PC to collect information and forward it to the main Nagios Server.

It's a pretty flexible architecture: it is possible to create your own monitoring modules in C or Perl, there is a pretty complete web interface available, and Nagios can also warn you by email, pager or mobile (though third-party services) to let you know of problems. All network configurations are possible to monitor as you can set up intermediary servers to listen and collect data from a local network which the main server can collect securely.

Installation

Below is what I did to make Nagios work for me. There are more comprehensive notes on the main site. I suggest you follow the following pages in sequence:

Nagios has a reputation of being fairly convoluted to install and configure. It is true that power and flexibility are often poor friends of ease of installation. Having said that, installing Nagios is fairly straightforward, especially On RedHat and Fedora where it's even pretty easy to install core functionality using pre-packaged RPMs. Configuration is another matter: Nagios is flexible and can adapt to almost any scenario, that's the only way to ensure you get what you want out of it, rather than being force-fed someone else's view of what you should get.

I use the Dag apt? software repository. It contains a lot of extra packages that are not available elsewhere, including all the Nagios goodies.

Note: Make sure that Apache can run on your server. You will need it to access the web interface.

To see what packages are available:

# apt-cache search nagios
nagios - Open Source host, service and network monitoring program.
nagios-devel - Header files, libraries and development documentation for nagios.
nagios-nrpe - Nagios Remote Plug-ins Execution daemon
nagios-nsca - Nagios Service Check Acceptor.
nagios-plugins - Host/service/network monitoring program plugins for Nagios
nagios-plugins-nrpe - Nagios plug-in for NRPE
nsc - Console monitor for Nagios

Not all of these packages need to be installed. Remember that some are meant to run on remote clients. We'll deal with those later. For now, only install the necessary packages:

# apt-get install nagios nagios-plugins

Check that the following line has been inserted and is not commented out at the end of your Apache main configuration file /etc/httpd/conf/httpd.conf:

...
Include /etc/httpd/conf.d/nagios.conf

Note: the RPM packages follow a different convention for the location of the Nagios files. Files are not in the same location as mentionned in the Nagios documentation. To find them all on your server, do a find / -iname '*nagios*'.

By default, access to the Nagios web interface is restricted to localhost and there is no restriction on who can run the -potentially harmfull- CGI scripts. You can change that by editing the Nagios web configuration file /etc/httpd/conf.d/nagios.conf (change the C class address 192.168.0.0 by whatever is it you use for your LAN):

ScriptAlias /nagios/cgi-bin/ /usr/lib/nagios/cgi/
<Directory /usr/lib/nagios/cgi/>
Options ExecCGI
order deny,allow
deny from all
allow from 192.168.0.0/255.255.255.0 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
require valid-user
</Directory>
<:vspace>
Alias /nagios/ /usr/share/nagios/
<Directory /usr/share/nagios/>
Options None
order deny,allow
deny from all
allow from 192.168.0.0/255.255.255.0 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /etc/nagios/htpasswd.users
require valid-user
</Directory>

Don't open your server to the world (allow from all) just yet as it has not yet been secured! Create the special user that will allowed access to the server and make sure that httpd can read it (Apache generally runs under the apache or httpd user):

# htpasswd -c /etc/nagios/htpasswd.users nagiosadmin
# chown apache.apache /etc/nagios/htpasswd.users

You can add more users later (omit the -c switch, otherwise your password file will be overwritten instead of appended):

# htpasswd /etc/nagios/htpasswd.users <username>

Restart your web server with service httpd restart and connect to your Nagios server (assumed here to be 192.168.0.50) from a web browser on your network: http://192.168.0.50/nagios/. You should be greeted by the following screen if everything was and you entered your ''nagiosadmin'/<password>' pair correctly:

If you can't pass the authentication or get a server error, check your error log to find what went wrong: tail /var/log/httpd/error_log.

Configuration

Now, since I want to be in control of everything, modify the /etc/nagios/cgi.cfg as such (uncomment the lines if necessary):

...
use_authentication=1
authorized_for_system_information=nagiosadmin
authorized_for_configuration_information=nagiosadmin
authorized_for_system_commands=nagiosadmin
authorized_for_all_services=nagiosadmin
authorized_for_all_hosts=nagiosadmin
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin
...

References

How to setup Nagios:

Nagios Site:

Comments
scott@die-spammer-die-die-die-sathornley.netWednesday 01 March 2006, at 23:05 GMT+8 [X]
be aware that the rpms for FC4 are set up to use /etc/nagios/htpasswd rather than /etc/nagios/htpasswd.users. So the /etc/http/conf.d/nagios.conf file needs to be modified for these instructions to work. Otherwise - THANKS!!!
Enter your comment (no links allowed): Author:

Design by N.Design Studio, adapted by solidGone.org (version 1.0.0)
Powered by pmwiki-2.2.0-beta65