Table of Contents
Requirements:
A Linux machine connected to the internet.
Optional Requirement:
A Linux machine running Nagios server (needed for running checks)
What is NRPE?
NRPE stands for Nagios Remote Plugin Executor.
It’s a Nagios agent that allows remote system monitoring using scripts that are hosted on the remote systems.
It allows for monitoring of resources such as disk usage, system load or the number of users currently logged in, etc…
Nagios periodically polls the agent on remote system using the check_nrpe plugin.
Let’s Begin:
Step 1 – Add the EPEL repository
Follow this guide: my EPEL installation guide in order to add the EPEL repository to your machine.
Step 2 – Install the NRPE /OpenSSL packages
Run the next command to install the required NRPE packages as well as OpenSSL:
# yum install -y nagios-plugins-nrpe.x86_64 nrpe.x86_64 openssl
Step 3 – Configuring the NRPE agent
First, let’s edit the nagios.cfg file:
nano /etc/nagios/nrpe.cfg
Copy & paste the following data into the nagios.cfg file:
pid_file=/var/run/nrpe/nrpe.pid server_port=5666 nrpe_user=nagios nrpe_group=nagios dont_blame_nrpe=1 # Enables support for command arguments in the NRPE daemon. debug=1 command_timeout=60 allowed_hosts=127.0.0.1,1.1.1.1 # The IP of the server/s allowed to pull information from the NRPE daemon on current machine. command[check_ping]=/usr/lib/nagios/plugins/check_ping -w $ARG1$ -c $ARG2$ command[check_ifstatus]=/usr/lib/nagios/plugins/check_ifstatus -w $ARG1$ -c $ARG2$ command[check_local_load]=/usr/lib/nagios/plugins/check_load -w $ARG1$ -c $ARG2$ command[check_local_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ command[check_local_procs]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ command[check_cpu_load]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -m $ARG3$ -v command[check_procs_by_name]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -C $ARG3$ command[check_local_mysql]=/usr/lib/nagios/plugins/check_mysql -u root -w $ARG1$ -c $ARG2$ -S command[check_provider_ftp]=/usr/lib/nagios/plugins/check_ftp -H $ARG1$ -w $ARG2$ -c $ARG3$ command[check_openfiles]=/usr/lib/nagios/plugins/check_openfiles $ARG1$ command[version]=/usr/lib/nagios/plugins/version command[centerity_event_command]=/usr/lib/nagios/plugins/centerity_command $ARG1$ $ARG2$ command[check_disk]=/usr/lib/nagios/plugins/check_disk $ARG1$ command[check_users]=/usr/lib/nagios/plugins/check_users $ARG1$ command[check_load]=/usr/lib/nagios/plugins/check_load $ARG1$ command[check_procs]=/usr/lib/nagios/plugins/check_procs $ARG1$ command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs $ARG1$ command[check_total_procs]=/usr/lib/nagios/plugins/check_procs $ARG1$ command[check_uptime]=/usr/lib/nagios/plugins/check_uptime $ARG1$ command[check_netstat]=/usr/lib/nagios/plugins/check_netstat $ARG1$ command[check_veritas_disks]=/usr/lib/nagios/plugins/check_vxdisk command[check_swap]=/usr/lib/nagios/plugins/check_swap -w 50% -c 38% command[check_memory]=/usr/lib/nagios/plugins/check_memory $ARG1$ command[check_log]=/usr/lib/nagios/plugins/check_log $ARG1$ command[check_log2]=/usr/lib/nagios/plugins/check_log2 $ARG1$ command[check_date]=/usr/lib/nagios/plugins/check_date $ARG1$ command[check_file_age]=/usr/lib/nagios/plugins/check_file_age $ARG1$ command[check_mailq]=/usr/lib/nagios/plugins/check_mailq $ARG1$ command[check_netstat]=/usr/lib/nagios/plugins/check_netstat $ARG1$ command[check_oracle]=/usr/lib/nagios/plugins/check_oracle $ARG1$ command[check_mysql]=/usr/lib/nagios/plugins/check_mysql $ARG1$ command[check_sensors]=/usr/lib/nagios/plugins/check_sensors $ARG1$ command[check_vxdisk]=/usr/lib/nagios/plugins/check_vxdisk $ARG1$ command[check_tcp]=/usr/lib/nagios/plugins/check_tcp $ARG1$ command[check_udp]=/usr/lib/nagios/plugins/check_udp $ARG1$ command[check_by_ssh]=/usr/lib/nagios/plugins/check_by_ssh $ARG1$ command[check_dummy]=/usr/lib/nagios/plugins/check_dummy $ARG1$ command[check_flexlm]=/usr/lib/nagios/plugins/check_flexlm $ARG1$ command[check_proc_load]=/usr/lib/nagios/plugins/check_proc_load $ARG1$ command[check_veritas_cluster]=/usr/lib/nagios/plugins/check_vcs $ARG1$ command[check_dell_storage]=/usr/lib/nagios/plugins/check_openmanage --only storage command[check_dell_fans]=/usr/lib/nagios/plugins/check_openmanage --only fans command[check_dell_memory]=/usr/lib/nagios/plugins/check_openmanage --only memory command[check_dell_power]=/usr/lib/nagios/plugins/check_openmanage --only power command[check_dell_temp]=/usr/lib/nagios/plugins/check_openmanage --only temp command[check_dell_cpu]=/usr/lib/nagios/plugins/check_openmanage --only cpu command[check_dell_voltage]=/usr/lib/nagios/plugins/check_openmanage --only voltage command[check_dell_batteries]=/usr/lib/nagios/plugins/check_openmanage --only batteries command[check_dell_amperage]=/usr/lib/nagios/plugins/check_openmanage --only amperage command[check_dell_intrusion]=/usr/lib/nagios/plugins/check_openmanage --only intrusion command[check_dell_sdcard]=/usr/lib/nagios/plugins/check_openmanage --only sdcard command[check_dell_esmhealth]=/usr/lib/nagios/plugins/check_openmanage --only esmhealth command[check_dell_esmlog]=/usr/lib/nagios/plugins/check_openmanage --only esmlog command[check_dell_alertlog]=/usr/lib/nagios/plugins/check_openmanage --only alertlog command[check_dell_critical]=/usr/lib/nagios/plugins/check_openmanage --only critical command[check_dell_warning]=/usr/lib/nagios/plugins/check_openmanage --only warning command[check_openmanage]=/usr/lib/nagios/plugins/check_openmanage command[check_kvm]=sudo /usr/lib/nagios/plugins/check_kvm
*** Check the #Comments in the file to understand the options I used. ***
*** This is a pretty full nrpe.cfg file, you may want to remove unnecessary check_command‘s, I use them all. ***
Next, Let’s edit /etc/sudoers and add the following lines:
nano /etc/sudoers
Defaults:nagios !requiretty # Allows for nagios user (The user NRPE uses) to not require a tty. nagios ALL = NOPASSWD:/usr/lib64/nagios/plugins/* # Allows nagios user to run all NRPE plugins using sudo without entering a password.
Make nagios the owner of /etc/nagios and /usr/lib64/nagios/plugins folders:
# chown -R nagios.nagios /etc/nagios # chown -R nagios.nagios /usr/lib64/nagios/plugins
*** In 32bit systems, the nagios plugins folder will be located under /usr/lib/nagios/plugins ***
Optional Step 4 – Configuring the NRPE agent to run as daemon
Create a file /etc/xinetd.d/nrpe and paste the following information to it:
service nrpe
{
flags = REUSE
type = UNLISTED
port = 5666
socket_type = stream
wait = no
user = nagios
group = nagios
server = /usr/sbin/nrpe
server_args = -c /etc/nagios/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1,1.1.1.1 # The IP of the Nagios server
}Save the file and restart xinetd when done:
# service xinetd restart
or
# kill -HUP xinetd
Step 5 – Configuring IPtables to allow NRPE connections:
In order to allow NRPE to accept connections, you’ll need to open the relevant port in your machine’s firewall:
# iptables -I INPUT -p tcp -m tcp --dport 5666 -j ACCEPT
Step 6 – Set NRPE agent service to start on boot and start it manually now
Run the next command:
# chkconfig nrpe on ; service nrpe start
Step 7 – Testing NRPE
The first test I always do allows me to see if the NRPE agent is responding:
# /usr/lib64/nagios/plugins/check_nrpe -H localhost
This is the response you’re supposed to get:
NRPE local check
Then run the same check from the Nagios server:
NRPE remote check
If both checks returned the NRPE version then it means that the NRPE agent is installed and configured correctly on the monitored host.
It also means that there’s a clean connection between the two servers and that the monitored host’s port 5666 is opened and listening.
Now you can start checking the monitored host using other checks, for example, in order to check how much disk space left on the monitored server “/” mount point:
NRPE remote check disk
Troubleshooting
Troubleshooting NRPE could be annoying but as with all other Linux projects, it takes a typo to break the whole deal, so always remember to check everything all over again.
I’ll give you some examples to how I start troubleshooting NRPE problems, it really depends on the error you receive but here are some basic guide lines:
1. Make sure that the NRPE port is opened on the monitored host:
[root@Monitored ~]# netstat -an | grep 5666 tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN tcp 0
2. Make sure that nagios user is allowed to run the plugins without having to enter sudo password and is not required to open a tty:
[root@Monitored ~]# grep nagios /etc/sudoers Defaults:nagios !requiretty nagios ALL = NOPASSWD:/usr/lib64/nagios/plugins/*
3. Make sure that nagios user is the owner of /etc/nagios and /usr/lib64/nagios/plugins (or /usr/lib/nagios/plugins on 32bit machines):
[root@Monitored ~]# ls -la /etc/nagios/ drwxrwxr-x 2 nagios nagios 4096 2014-06-10 09:06 . drwxr-xr-x. 66 root root 4096 2014-06-09 16:17 .. -rw-r--r-- 1 nagios nagios 4844 2014-06-09 16:18 nrpe.cfg [root@Monitored ~]# ls -la /usr/lib64/nagios/plugins/ drwxrwxr-x 2 nagios nagios 4096 2014-06-09 15:32 . drwxr-xr-x 3 root root 4096 2014-06-09 14:54 .. -rwxr-xr-x 1 nagios nagios 115552 2014-06-09 14:59 check_apt -rwxr-xr-x 1 nagios nagios 58248 2014-06-09 14:59 check_by_ssh -rwxr-xr-x 1 nagios nagios 67392 2014-06-09 14:59 check_clamd -rwxr-xr-x 1 nagios nagios 41568 2014-06-09 14:59 check_cluster -rwxr-x--x 1 nagios nagios 56256 2014-06-09 14:59 check_dhcp
4. Make sure that the plugins which are in the plugins folder of the Nagios server also exist on the plugins folder of the Monitored server.
5. When a check fails against a remote host where you just finished configuring NRPE, run the check against a server where you know for sure the NRPE is working properly.
6. If you went through all these steps and are still having a problem, use the next document:
For those of you who wish to shorten the procedure, please use the following script that I have made:
No Comments Yet