Nagios 4.x installation on CentOS 6
Installation and Configuration
yum install httpd php gcc glibc glibc-common gd gd-devel -y
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache
yum install -y rpm-build doxygen gperf bind-utils mysql-devel net-snmp-utils openssl-devel postgresql-devel samba-client
mkdir -p ~/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}
mkdir -p ~/src && cd ~/src
wget http://sourceforge.net/projects/nagios/files/nagios-4.x/nagios-4.0.8/nagios-4.0.8.tar.gz
wget http://www.nagios-plugins.org/download/nagios-plugins-2.0.3.tar.gz
tar zxvf nagios-4.0.8.tar.gz
tar zxvf nagios-plugins-2.0.3.tar.gz
mv nagios-4.0.8.tar.gz ~/rpmbuild/SOURCES
mv nagios-plugins-2.0.3.tar.gz ~/rpmbuild/SOURCES/
cd ~/src/nagios-4.0.8 && ls | grep *.spec
vi nagios.spec
#add
%define _libdir %{_exec_prefix}/lib
rpmbuild -ba nagios.spec
cd ~/src/nagios-plugins-2.0.3 && ls | grep *.spec
vi nagios-plugins.spec
comment %config(missingok,noreplace) %{_sysconfdir}/command.cfg
update %doc ChangeLog command.cfg
to
%doc ChangeLog
rpmbuild -ba nagios-plugins.spec
yum install -y nagios-4.0.8-2.el6.x86_64.rpm nagios-contrib-4.0.8-2.el6.x86_64.rpm nagios-devel-4.0.8-2.el6.x86_64.rpm nagios-plugins-2.0.3-1.x86_64.rpm
vi /etc/nagios/objects/contacts.cfg
mail user@domain.com;
vi /etc/httpd/conf.d/nagios.conf
#Order allow,deny
#Allow from all
Order deny,allow
Deny from all
Allow from 127.0.0.1 192.168.1.0/24 192.168.2.0/24
htpasswd -s -c /etc/nagios/htpasswd.users nagiosadmin
service httpd start
service nagios start
chkconfig httpd on
chkconfig nagios on
/usr/bin/nagios -v /etc/nagios/nagios.cfg
yum install policycoreutils-python
If SELinux is enforcing then add this line.
semanage fcontext -a -t httpd_sys_content_t /usr/share/nagios/
yum install mod_ssl
service httpd restart
vi /etc/nagios/nagios.cfg
cfg_dir=/etc/nagios/servers
NRPE Server installation/configuration
yum install nagios-plugins-nrpe -y
ln -s /usr/lib64/nagios/plugins/check_nrpe /usr/lib/nagios/plugins/check_nrpe
vi /etc/nagios/objects/commands.cfg
define command{
command_name check_nrpe
command_line /usr/lib/nagios/plugins/check_nrpe -H '$HOSTADDRESS$' -c '$ARG1$'
}
NRPE Client installation/configuration
#nrpe is a part of EPEL repo
yum install nrpe openssl -y
yum install nagios-plugins-2.0.3-1.x86_64.rpm -y
vi /etc/nagios/nrpe.cfg
#nagios server
allowed_hosts=127.0.0.1,192.168.1.60
service nrpe restart
chkconfig nrpe on
NRPE Server/Client configuration for PostgreSQL monitoring
server:
vi /etc/nagios/servers/dev-servers-services.cfg
define service {
use generic-service
host_name srvwiki01v
service_description Mediawiki PostgreSQLD Connection
check_command check_nrpe!check_pgsql
}
client:
vi /etc/nagios/nrpe.cfg
command[check_pgsql]=/usr/lib/nagios/plugins/check_pgsql -H 192.168.1.62 -l nagios
service nrpe restart
Testing from server:
/usr/lib/nagios/plugins/check_nrpe -H 192.168.1.62 -c check_pgsql
CRITICAL – no connection to ‘wikidb’ (FATAL: no pg_hba.conf entry for host “192.168.1.62”, user “nagios”, database “wikidb”, SSL off). *
* or default DB – “template1”
Let’s configure ACL:
vi /var/lib/pgsql/data/pg_hba.conf
host template1 nagios 192.168.1.62/32 trust
Create nagios user in postgresql:
su postgres -c bash
$createuser
Enter name of role to add: nagios
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n
$exitTesting connection from nagios server:
[root@srvmon01v ~]# /usr/lib/nagios/plugins/check_nrpe -H 192.168.1.62 -c check_pgsql
OK - database wikidb (0.003504 sec.)|time=0.003504s;2.000000;8.000000;0.000000SNMP Client configuration
CentOS6
yum install -y net-snmp
or
CentOS5
yum install -y net-snmp net-snmp-utils net-snmp-devel
or
SLES11
zypper install net-snmp
service snmpd stop
mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak
#Creating snmpv3 user
CentOS6
net-snmp-create-v3-user -ro -A snmpv3authPass -a SHA -X snmpv3encPass -x AES snmpv3user
or
CentOS5
net-snmp-config --create-snmpv3-user -ro -A snmpv3authPass -a SHA -X snmpv3encPass -x AES snmpv3user
chkconfig snmpd on
service snmpd start
snmpwalk -u snmpv3user -A snmpv3authPass -a SHA -X snmpv3encPass -x AES -l authPriv 127.0.0.1 -v3
#Ubuntu 9
remove /usr/share/snmp/snmp.conf and /var/lib/snmp/snmpd.conf
net-snmp-config --create-snmpv3-user -ro -A snmpv3authPass -a SHA -X snmpv3encPass -x AES snmpv3user
start snmpd
vi /etc/sysconfig/iptables
CentOS6
-A INPUT -m state --state NEW -m udp -p udp -s 192.168.1.60 --dport 161 -j ACCEPT
or
CentOS5
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 192.168.1.60 --dport 161 -j ACCEPT
service iptables restart
