Nagios 4.x installation on CentOS 6

Installation and Configuration

yum install httpd php gcc glibc glibc-common gd gd-devel -y
useradd nagios
groupadd nagcmd
usermod -a -G nagcmd nagios
usermod -a -G nagcmd apache

yum install -y rpm-build doxygen gperf bind-utils mysql-devel net-snmp-utils openssl-devel postgresql-devel samba-client

mkdir -p ~/rpmbuild/{BUILD,BUILDROOT,RPMS,SOURCES,SPECS,SRPMS}

mkdir -p ~/src && cd ~/src

wget http://sourceforge.net/projects/nagios/files/nagios-4.x/nagios-4.0.8/nagios-4.0.8.tar.gz
wget http://www.nagios-plugins.org/download/nagios-plugins-2.0.3.tar.gz
tar zxvf nagios-4.0.8.tar.gz
tar zxvf nagios-plugins-2.0.3.tar.gz

mv nagios-4.0.8.tar.gz ~/rpmbuild/SOURCES
mv nagios-plugins-2.0.3.tar.gz ~/rpmbuild/SOURCES/

cd ~/src/nagios-4.0.8 && ls | grep *.spec

vi nagios.spec
#add
%define _libdir %{_exec_prefix}/lib

rpmbuild -ba nagios.spec

cd ~/src/nagios-plugins-2.0.3 && ls | grep *.spec

vi nagios-plugins.spec
comment %config(missingok,noreplace) %{_sysconfdir}/command.cfg

update %doc ChangeLog command.cfg
to
%doc ChangeLog

rpmbuild -ba nagios-plugins.spec

yum install -y nagios-4.0.8-2.el6.x86_64.rpm nagios-contrib-4.0.8-2.el6.x86_64.rpm nagios-devel-4.0.8-2.el6.x86_64.rpm nagios-plugins-2.0.3-1.x86_64.rpm

vi /etc/nagios/objects/contacts.cfg

mail user@domain.com;

vi /etc/httpd/conf.d/nagios.conf

#Order allow,deny
#Allow from all
Order deny,allow
Deny from all
Allow from 127.0.0.1 192.168.1.0/24 192.168.2.0/24

htpasswd -s -c /etc/nagios/htpasswd.users nagiosadmin

service httpd start
service nagios start
chkconfig httpd on
chkconfig nagios on

/usr/bin/nagios -v /etc/nagios/nagios.cfg

yum install policycoreutils-python

If SELinux is enforcing then add this line.
semanage fcontext -a -t httpd_sys_content_t /usr/share/nagios/

yum install mod_ssl

service httpd restart

vi /etc/nagios/nagios.cfg
cfg_dir=/etc/nagios/servers

NRPE Server installation/configuration

yum install nagios-plugins-nrpe -y

ln -s /usr/lib64/nagios/plugins/check_nrpe /usr/lib/nagios/plugins/check_nrpe

vi /etc/nagios/objects/commands.cfg
define command{
command_name check_nrpe
command_line /usr/lib/nagios/plugins/check_nrpe -H '$HOSTADDRESS$' -c '$ARG1$'
}

NRPE Client installation/configuration

#nrpe is a part of EPEL repo
yum install nrpe openssl -y
yum install nagios-plugins-2.0.3-1.x86_64.rpm -y

vi /etc/nagios/nrpe.cfg
#nagios server
allowed_hosts=127.0.0.1,192.168.1.60

service nrpe restart
chkconfig nrpe on

NRPE Server/Client configuration for PostgreSQL monitoring

server:
vi /etc/nagios/servers/dev-servers-services.cfg
define service {
use generic-service
host_name srvwiki01v
service_description Mediawiki PostgreSQLD Connection
check_command check_nrpe!check_pgsql
}

client:
vi /etc/nagios/nrpe.cfg
command[check_pgsql]=/usr/lib/nagios/plugins/check_pgsql -H 192.168.1.62 -l nagios

service nrpe restart

Testing from server:
/usr/lib/nagios/plugins/check_nrpe -H 192.168.1.62 -c check_pgsql
CRITICAL – no connection to ‘wikidb’ (FATAL: no pg_hba.conf entry for host “192.168.1.62”, user “nagios”, database “wikidb”, SSL off). *
* or default DB – “template1”

Let’s configure ACL:
vi /var/lib/pgsql/data/pg_hba.conf
host template1 nagios 192.168.1.62/32 trust

Create nagios user in postgresql:

su postgres -c bash
$createuser
Enter name of role to add: nagios
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) n
Shall the new role be allowed to create more new roles? (y/n) n
$exit

Testing connection from nagios server:

[root@srvmon01v ~]# /usr/lib/nagios/plugins/check_nrpe -H 192.168.1.62 -c check_pgsql
OK - database wikidb (0.003504 sec.)|time=0.003504s;2.000000;8.000000;0.000000

SNMP Client configuration

CentOS6
yum install -y net-snmp

or

CentOS5
yum install -y net-snmp net-snmp-utils net-snmp-devel

or

SLES11
zypper install net-snmp

service snmpd stop

mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf_bak

#Creating snmpv3 user
CentOS6
net-snmp-create-v3-user -ro -A snmpv3authPass -a SHA -X snmpv3encPass -x AES snmpv3user

or

CentOS5
net-snmp-config --create-snmpv3-user -ro -A snmpv3authPass -a SHA -X snmpv3encPass -x AES snmpv3user

chkconfig snmpd on
service snmpd start

snmpwalk -u snmpv3user -A snmpv3authPass -a SHA -X snmpv3encPass -x AES -l authPriv 127.0.0.1 -v3

#Ubuntu 9
remove /usr/share/snmp/snmp.conf and /var/lib/snmp/snmpd.conf
net-snmp-config --create-snmpv3-user -ro -A snmpv3authPass -a SHA -X snmpv3encPass -x AES snmpv3user
start snmpd

vi /etc/sysconfig/iptables
CentOS6
-A INPUT -m state --state NEW -m udp -p udp -s 192.168.1.60 --dport 161 -j ACCEPT

or

CentOS5
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp -s 192.168.1.60 --dport 161 -j ACCEPT

service iptables restart

Leave a comment

You must be logged in to post a comment.