How to Monitor Hosts using Nagios NRPE on Debian 9

Nagios NRPE Debian 9In our recent article we have shown how to install nagios core on Debian 9 to monitor some remote hosts's services. To do that you will need to install Nagios NRPE daemon and plugins on the remote hosts. It is a package that will be installed on all the remote hosts which need to be monitored.

NRPE (Nagios Remote Plugin Executor) is an addon which allows you to remotely execute Nagios plugins on remote Linux machines. It allows you to monitor remote machine metrics (disk usage, CPU load, etc.). It can also communicate with some Windows agent addons like NSClient++, so you can execute scripts and check metrics on remote Windows hosts as well. In this article, I will explain to you how you can monitor your Linux and Windows hosts servers with Nagios.

How does NRPE work?

NRPE is a monitoring agent and protocol that is often used to monitor remote hosts with Nagios. NRPE works with:

  • a client (check_nrpe plugin) that runs on the Nagios server
  • a daemon that runs on the remote server, processes requests from the client, and returns status information.

We can summarize the process by the scheme below

Nagios Server (check_nrpe)-> Remote host (NRPE deamon)-> service_to_check
Nagios Server (check_nrpe) <-Remote host (NRPE deamon) <-service_to_check

When Nagios needs to monitor a resource of service from a remote machine:

  • Nagios will execute the check_nrpe plugin and tell it what services need to be checked
  • The check_nrpe plugin contacts the NRPE daemon on the remote host
  • The NRPE daemon runs the appropriate Nagios plugin to check the service or resource
  • The results from the service check are passed from the NRPE daemon back to the check_nrpe plugin, which then returns the check results to the Nagios process.

NRPE can be configured to only accept connections from a specific IP address. You can just tell it what commands to run through the connection. Only commands that the local host has configured will be allowed and you can determine if arguments will be sent by Nagios.

1) Add a Linux host on nagios server

In order to use the NRPE add-on, you'll need to perform some tasks on both the Nagios server and the remote Linux host where the NRPE daemon is installed on. In our, case the remote Linux host is a Debian 9 server. I will show the specifics points of the procedure for Centos and Ubuntu servers.

a) Configure the remote Linux host

We need to install the nagios and NRPE plugins on the remote server to monitor.

Install the nagios plugin

We need first to install pre-requisites

# apt install -y autoconf gcc libc6 libmcrypt-dev make libssl-dev wget bc gawk dc build-essential snmp libnet-snmp-perl gettext

On Centos 7 install the pre-requisites as below

# yum install -y gcc glibc glibc-common make gettext automake autoconf wget openssl-devel net-snmp net-snmp-utils epel-release perl-Net-SNMP

Now we will create our working directory into /opt directory where we will download the plugins

# mkdir /opt/nagios && cd /opt/nagios
# wget --no-check-certificate -O nagios-plugins.tar.gz https://github.com/nagios-plugins/nagios-plugins/archive/release-2.2.1.tar.gz
# tar zxf nagios-plugins.tar.gz
# cd nagios-plugins-release-2.2.1

Now we will compile and install the plugins

# ./tools/setup
# ./configure
# make
# make install

Install the nrpe plugin

Now we can download the lastest version of nrpe which is nrpe plugin 3.2.0 when I am writing this article.

# cd /opt/nagios/
# wget --no-check-certificate -O nrpe.tar.gz https://github.com/NagiosEnterprises/nrpe/archive/nrpe-3.2.0.tar.gz
# cd nrpe-nrpe-3.2.0
# tar xzf nrpe.tar.gz && cd nrpe-nrpe-3.2.0

Now we will compile it

# ./configure --enable-command-args
# make all

For Ubuntu the compilation command is

# ./configure --enable-command-args --with-ssl-lib=/usr/lib/x86_64-linux-gnu/
# make all

We will need to create nagios user and group on the remote Linux host too

# make install-groups-users

We will install the binary files, the NRPE daemon, the check_nrpe plugin and the config files

# make install && make install-config

Now we will map the nrpe port number (5666) to a named service

# echo >> /etc/services
# echo '# Nagios services' >> /etc/services
# echo 'nrpe    5666/tcp' >> /etc/services

We will install services and make sure to start nrpe when the system startup

# make install-init && systemctl enable nrpe.service

Configure the firewall

It is important now to configure the firewall to accept all nrpe communication

# iptables -I INPUT -p tcp --destination-port 5666 -j ACCEPT

We will install iptables-persistent which takes over the automatic loading of the saved iptables rules. To do this, the rules must be saved in the file /etc/iptables/rules.v4

# apt install -y iptables-persistent

Make sure to answer yes to save existing rules. Normally you can use iptables-save command to save iptables new rules.

On Centos 7, configure the firewall as below

# firewall-cmd --zone=public --add-port=5666/tcp
# firewall-cmd --zone=public --add-port=5666/tcp --permanent

Authorize the nagios server to communicate with the host

After installing nrpe plugin, we need to configure all the host allowed to communicate with the nrpe plugin on the Linux host. It means that we shall indicate the nagios server information (IP address, etc) to be reached. The file /usr/local/nagios/etc/nrpe.cfg is the one which contains all nrpe settings.

Find the directive allowed_hosts and add the private IP address of your Nagios server

allowed_hosts=172.16.20.128

Find the directive dont_blame_nrpe to determine whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.

dont_blame_nrpe=1

Start and test nrpe service

To start nrpe service use the command below

# systemctl start nrpe.service

Now to see if things are working properly, we need to make sure that nrpe daemon is first running

# netstat -at | egrep "nrpe|5666"
tcp        0      0 0.0.0.0:nrpe            0.0.0.0:*               LISTEN     
tcp6       0      0 [::]:nrpe               [::]:*                  LISTEN

Now we can test if nrpe works locally by running the check_nrpe plugin which was installed

# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v3.2.0

You should have the output above which indicates that nrpe plugin works perfectly on the Linux host. The NRPE configuration file that got installed contains several commands definitions which we can be used to monitor our remote host.

Now we need now to configure the nagios server

b) Configure the nagios server to detect the remote host

This article assumes that you have already installed and configured the Nagios server on Debian 9. It means that you will now configure it to detect and add our remote Linux host. If you have not configured it yet, please follow this article.

On the nagios server, we will need to install nrpe plugin too and create a configuration file for the Linux host.

Install nrpe plugin

The procedure is exactly the same as on the Linux host but don't forget that on the nagios server we already have a nagios user and group so we can skip that step. We will move to our nagios working directory

# cd /opt/nagios
# wget --no-check-certificate -O nrpe.tar.gz https://github.com/NagiosEnterprises/nrpe/archive/nrpe-3.2.0.tar.gz
# cd nrpe-nrpe-3.2.0

Now we will compile it

# tar xzf nrpe.tar.gz && cd nrpe-nrpe-3.2.0
# ./configure --enable-command-args
# make all

We will install binaries and configuration files

# make install && make install-config

We will need to add nrpe service too

# echo >> /etc/services
# echo '# Nagios services' >> /etc/services
# echo 'nrpe    5666/tcp' >> /etc/services

We will install services and make sure to start nrpe at the system startup

# make install-init && systemctl enable nrpe.service

Configure the firewall and nrpe service

We will also configure the firewall to allow the nrpe communication with all the hosts.

# iptables -I INPUT -p tcp --destination-port 5666 -j ACCEPT
# systemctl start nrpe.service

Test communication with the remote Linux host nrpe daemon

We need to make sure the check_nrpe plugin can talk to the NRPE daemon on the remote host. We will use the check_nrpe plugin with the IP address of the remote host as you can see below

# /usr/local/nagios/libexec/check_nrpe -H 172.16.20.129
NRPE v3.0

Now we will use a command definition to try to monitor a service (check cpu load) on the remote Linux.

# /usr/local/nagios/libexec/check_nrpe -H 172.16.20.129 -c check_load
CRITICAL - load average: 0.01, 0.28, 0.31|load1=0.010;0.150;0.300;0; load5=0.280;0.100;0.250;0; load15=0.310;0.050;0.200;0;

You can see that we have a response of the remote Linux to monitor. It shows that our plugin works perfectly on the remote host and the communication is good.

c) Define a new Linux Host and services on the nagios server

Nagios contains by default some object definitions into the /usr/local/nagios/etc/objects directory on the nagios server which represents each type of host that you can need to monitor.

# ls /usr/local/nagios/etc/objects/
commands.cfg    printer.cfg    switch.cfg    localhost.cfg   timeperiods.cfg   windows.cfg
contacts.cfg    templates.cfg  

We will first create a folder in which we will save all the remote host configuration files that Nagios server must monitor.

# mkdir /usr/local/nagios/etc/objects/servers 

Nagios has a template file templates.cfg which contains some examples object definitions templates that are referred by other hosts, services, etc. These definitions will be helpful when we will create each remote host file definition.

By default, Nagios monitor the server where it is installed through the localhost.cfg file. We will use this file to create the configuration file for our Linux host.

# cp /usr/local/nagios/etc/objects/localhost.cfg /usr/local/nagios/etc/objects/servers/linux.cfg

Now we will edit our file in order to add our host.

# cd /usr/local/nagios/etc/objects/servers/
# vim linux.cfg
###############################################################################
###############################################################################
#
# HOST DEFINITION
#
###############################################################################
###############################################################################

# Define a host for the local machine

define host{
        use                     linux-server    ; Name of host template to use
						; This host definition will inherit all variables that are defined
						; in (or inherited by) the linux-server host template definition.
        host_name               debian9
        alias                   Debian 9
        address                 172.16.20.129
        }
###############################################################################
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
###############################################################################

# Define a service to "ping" the local machine

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       debian9
        service_description             PING
	check_command			check_ping!100.0,20%!500.0,60%
        }

# Define a service to check the disk space of the root partition
# on the local machine.  Warning if < 20% free, critical if
# < 10% free space on partition.

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       debian9
        service_description             Root Partition
	check_command			check_local_disk!20%!10%!
        }

Your file should look like something above. This output has been truncated. You will have more services definitions.

The directive address should contain the address of the remote host to monitor.

The directive host_name must contain the name which will appear on your nagios dashboard and it should be indicative for you, so remove the default localhost value and replace it with another name (debian9 is the name in my case). You should replace that directive every where it appears in the file, it means for host and all service definitions.

The service definitions present in the file are standard. I will give you below three service definitions to add at the end of the file for imap, ftp and smtp if you need to monitor these services on your remote Linux.

#Checking FTP service

define service{
        use				generic-service         ; Inherit default values from a template
        host_name               	debian9
        service_description     	FTP
        check_command   		check_ftp
        }

#Checking SMTP service

define service{
        use             		generic-service         ; Inherit default values from a template
        host_name               	debian9
        service_description     	SMTP
        check_command   		check_smtp
        }

#Checking IMAP service

define service{
        use             		generic-service         ; Inherit default values from a template
        host_name               	debian9
        service_description     	IMAP
        check_command   		check_imap
        }

d) Update the nagios configuration file and restart the service

Now that we have created a new directory for our remote hosts, we need to indicate where nagios can find it in order to use it. So will edit the default nagios configuration file /usr/local/nagios/etc/nagios.cfg

 vim /usr/local/etc/nagios.cfg
# OBJECT CONFIGURATION FILE(S)
# These are the object configuration files in which you define hosts,
# host groups, contacts, contact groups, services, etc.
# You can split your object definitions across several config files
# if you wish (as shown below), or keep them all in a single config file.

# You can specify individual object config files as shown below:
cfg_file=/usr/local/nagios/etc/objects/commands.cfg
cfg_file=/usr/local/nagios/etc/objects/contacts.cfg
cfg_file=/usr/local/nagios/etc/objects/timeperiods.cfg
cfg_file=/usr/local/nagios/etc/objects/templates.cfg

# Definitions for monitoring the local (Linux) host
cfg_file=/usr/local/nagios/etc/objects/localhost.cfg
#cfg_file=/usr/local/nagios/etc/objects/linux.cfg

# Definitions for monitoring a Windows machine
#cfg_file=/usr/local/nagios/etc/objects/windows.cfg

# Definitions for monitoring a router/switch
#cfg_file=/usr/local/nagios/etc/objects/switch.cfg

# Definitions for monitoring a network printer
#cfg_file=/usr/local/nagios/etc/objects/printer.cfg


# You can also tell Nagios to process all config files (with a .cfg
# extension) in a particular directory by using the cfg_dir
# directive as shown below:

cfg_dir=/usr/local/nagios/etc/objects/servers
#cfg_dir=/usr/local/nagios/etc/servers
#cfg_dir=/usr/local/nagios/etc/printers
#cfg_dir=/usr/local/nagios/etc/switches
#cfg_dir=/usr/local/nagios/etc/routers

You can notice that I have added the directive cfg_dir=/usr/local/nagios/etc/objects/servers which indicates the new host's directory to consider. You can notice that the directive cfg_file indicates the different services and hosts configuration files used by nagios.

It means that if we didn't create a directory but simply the file linux.cfg in the default /usr/local/nagios/etc/objects directory, we should simply need to add the directive cfg_file=/usr/local/nagios/etc/objects/linux.cfg so that nagios would detect the configuration of our remote host.

Now we need to check if the nagios configuration doesn't contain any error before restarting the service

# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Nagios Core 4.3.2
Copyright (c) 2009-present Nagios Core Development Team and Community Contributors
Copyright (c) 1999-2009 Ethan Galstad
Last Modified: 2017-05-09
License: GPL

Website: https://www.nagios.org
Reading configuration data...
   Read main config file okay...
   Read object config files okay...

Running pre-flight check on configuration data...

Checking objects...
	Checked 19 services.
	Checked 2 hosts.
	Checked 1 host groups.
	Checked 0 service groups.
	Checked 1 contacts.
	Checked 1 contact groups.
	Checked 17 commands.
	Checked 5 time periods.
	Checked 0 host escalations.
	Checked 0 service escalations.
Checking for circular paths...
	Checked 2 hosts
	Checked 0 service dependencies
	Checked 0 host dependencies
	Checked 5 timeperiods
Checking global event handlers...
Checking obsessive compulsive processor commands...
Checking misc settings...

Total Warnings: 0
Total Errors:   0

Things look okay - No serious problems were detected during the pre-flight check

You can see that we don't have any error so we can restart nagios service

# systemctl restart nagios

e) Access to the nagios web interface

Now that everything is fine, we can start our nagios administration page to see the result of our configuration. On your local server, access by http://localhost/nagios

I was accessing on my remote Linux this is why you can see that I have indicated the IP of my Nagios server. You can see that we have our new remote Linux with its services.

We have not installed FTP service on our remote host yet. This is why this service is in a critical state.

2) Add a windows host on nagios server

For monitoring Windows hosts with Nagios, you need to install NSClient++ on your remote Windows systems. NSClient++ (nscp) is an agent that must be deployed on remote hosts to be monitored. NSClient++ allows many ways to check your system:

  • Get System health (cpu, disks…)
  • Get performances counters
  • Check Log file
  • Check scheduled task, etc

a) Configure the windows host

On remote windows host, we need to install nsclient++. You can download it from the official site.  We have downloaded the msi file NSCP-0.5.0.62-x64.msi 

Install and configure nsclient

Launch the installation process.

At this step, choose Next

 

At this step, take custom 

Indicate the nagios server IP and the nagios password for web access. Also stick all "Enable" options (check plugins, check_nt, check_nrpe, web server, nsca client) and safe mode.

You can install with leaving the password blank. You don't need to indicate it.

Check the NSClient state

Now that it is installed, we shall verify if NSClient service is started by opening services.msc. Now search about nsclient and verify its state (must be Running). Check that the startup type is set to "Automatic"

We can see that our plugin is working. Now we can configure our nagios server side.

b) Configure the nagios server

On Nagios server, we need to define our new windows host to monitor with its services.

Add a new windows host definition

We shall add a new host definition for the Windows machine that we are going to monitor by modifying the /usr/local/nagios/etc/objects/windows.cfg file. As for our Linux host, we will copy the windows configuration file in the servers directory that we have created earlier.

# cp /usr/local/nagios/etc/objects/windows.cfg /usr/local/nagios/etc/objects/servers/

Normally we are already into the /usr/local/nagios/etc/objects/servers/ directory on the server. So we will edit the windows host file.

# vim windows.cfg

###############################################################################
###############################################################################
#
# HOST DEFINITIONS
#
###############################################################################
###############################################################################

# Define a host for the Windows machine we'll be monitoring
# Change the host_name, alias, and address to fit your situation

define host{
	use		windows-server	; Inherit default values from a template
	host_name	winserver	; The name we're giving to this host
	alias		My Windows Server	; A longer name associated with the host
	address		172.16.20.131	; IP address of the host
	}

###############################################################################
###############################################################################
#
# SERVICE DEFINITIONS
#
###############################################################################
###############################################################################

# Create a service for monitoring the version of NSCLient++ that is installed
# Change the host_name to match the name of the host you defined above

define service{
	use			generic-service
	host_name		winserver
	service_description	NSClient++ Version
	check_command		check_nt!CLIENTVERSION
	}


# Create a service for monitoring the uptime of the server
# Change the host_name to match the name of the host you defined above

define service{
	use			generic-service
	host_name		winserver
	service_description	Uptime
	check_command		check_nt!UPTIME
	}

Try to have something as the output above. This output has been truncated. The IP address must be your Windows IP address. You can use another host_name value.

In the windows host file by default, it doesn't have a service definition to check the ping so you can add the service below at the end of the file. It is the default check_ping service present in Linux host file.

define service{
        use                             generic-service         ; Name of service template to use
        host_name                       winserver
        service_description             PING
	check_command			check_ping!100.0,20%!500.0,60%
        }

Remember that we have indicated the nagios password protection. When you specified a password in the NSClient++ configuration file on the Windows machine, you'll need to modify the existing check_nt command definition to include the password by modifying the commands.cfg file. So open the file and research the appropriate line as below:

# vim /usr/local/nagios/etc/objects/commands.cfg

define command{
			command_name	check_nt
			command_line	$USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -s PASSWORD -v $ARG1$ $ARG2$
			}

We will need to change the definition of the check_nt command to include the keyword "-s <PASSWORD>" argument  where <PASSWORD> is the nagios password that you have specified on the Windows host (nagios in our case) during the NSClient++ installation.

When you don't indicate the password during the NSClient installation, you can skip this step. If you have set the password and want to cancel it, you can edit the NSClient file with notepad on the command prompt like below

And comment the password line like below

At this time, you should not need to indicate the password in the command.cfg file, you could skip this step.

Check the nagios configuration file and restart the service

Now that we have finished our windows host definition, we can now check if our nagios doesn't count any error. You should notice that we didn't even add a directive in the nagios main configuration file /usr/local/nagios/etc/nagios.cfg because we have edited the windows file in the servers directory that we have indicated earlier. If didn't create that directory, we should juste uncomment the directive cfg_file=/usr/local/nagios/etc/objects/windows.cfg

Now we can check the file errors

# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Nagios Core 4.3.2
Copyright (c) 2009-present Nagios Core Development Team and Community Contributors
Copyright (c) 1999-2009 Ethan Galstad
Last Modified: 2017-05-09
License: GPL

Website: https://www.nagios.org
Reading configuration data...
   Read main config file okay...
   Read object config files okay...

Running pre-flight check on configuration data...

Checking objects...
	Checked 27 services.
	Checked 3 hosts.
	Checked 1 host groups.
	Checked 0 service groups.
	Checked 1 contacts.
	Checked 1 contact groups.
	Checked 25 commands.
	Checked 5 time periods.
	Checked 0 host escalations.
	Checked 0 service escalations.
Checking for circular paths...
	Checked 3 hosts
	Checked 0 service dependencies
	Checked 0 host dependencies
	Checked 5 timeperiods
Checking global event handlers...
Checking obsessive compulsive processor commands...
Checking misc settings...

Total Warnings: 0
Total Errors:   0

Things look okay - No serious problems were detected during the pre-flight check

You can see that we don't have any error and a new host has been detected. Now we have 3 hosts

# systemctl restart nagios

Access to the nagios web interface

Now can open the nagios dashboard page to see our new host with its processes.

You can see that we have our windows host added.

If you look the services, you can see the check_ping that we have added. We have not launched explorer this is why you can see the critical message about it.

Now you have two new servers added on your nagios dashboard.

Conclusion

We have seen how to add Linux and Windows hosts on Nagios server implemented on Debian 9. We have described how to install and configure NRPE which is responsible for the monitoring role. It is used to monitor Linux and Windows machines with Nagios. On Windows hosts, you will need to install NSClient++.

About Alain Francois

IT Linux administrator passionate of free and open source software, I work on Linux Systems since some years on installations and deployments of certain solutions. I like to share my experiences with a wider audience by training and conferences.

Author Archive Page

Have anything to say?

Your email address will not be published. Required fields are marked *

All comments are subject to moderation.