| Version 4 (modified by mickem, 16 months ago) (diff) |
|---|
TracNav
Reference manual
See doc.
TracNav
About NSClient++
NSClient++ (nscp) aims to be a simple yet powerful and secure monitoring daemon. It was built for Nagios/Icinga?, but nothing in the daemon is Nagios/Icinga? specific and it can be used in many other scenarios where you want to receive/distribute check metrics.
The deamon has 3 main functions:
- Allow a remote machine (monitoring server) to request commands to be run on this machine (the monitored machine) which return the status of the machine.
- Submit the same results to a remote (monitoring server).
- Take action and perform tasks.
Extending NSClient++
NSClient++ is designed to be open ended and allow you to customize it in any way you design thus extensibility is a core feature.
- ExternalScripts? responds to queries and are executed by the operating system and the results are returned as-is. This is generally the simplest way to extend NSClient++ as you can utilize whatever infrastructure or skill set you already have.
- LuaScripts? are internal scripts which runs inside NSClient++ and performs various tasks and/or responds to queries. This is the best option if you want to allow the script to run on any platform with as little infrastructure as possible.
- PythonScripts? are internal scripts which runs inside NSClient++ and performs various tasks and/or responds to queries. Python is an easy and powerful language but it requires you to also install python which is often not possible on server hardware.
- .Net modules similar to Native modules below but written on the dot-net platform. This allows you to write components on top of the large dot-net ecosystem.
- Modules are native plugins which can extend NSClient++ in pretty much any way possible. This is probably the most complicated way but gives you the most power and control.
Talking to NSClient++
Since NSClient++ is meaningless by itself it also supports a lot of protocols to allow it to be used by a lot of monitoring solutions.
- NRPE (Nagios Remote plugin Executor) is a Nagios centric protocol to collect remote metrics.
- NSCA (Nagios Service Check Acceptor) is a Nagios centric protocol for submitting results.
- NSCP is the native NSClient++ protocol (still under development)
- dNSCP is a high performance distributed version of NSCP for high volume traffic.
- NRDP is a replacement for NSCA.
- check_mk is a protocol utilized by the check_mk monitoring system.
- Syslog is a protocol primarily designed for submitting log records.
- Graphite allows you do real-time graphing.
- SMTP is more of a toy currently.
Supported OS/Platform
NSClient++ should run on the following operating systems:
- Windows: From NT4 SP5 up to Windows 2008 and Windows 7
- Linux: Debian, Centos and Ubuntu (and possibly others as well)
- Win32, x64 as well as various Linux hardware as well.
TracNav
Michael Medin
My Name is Michael Medin and I am the author of this program (an also handles a lot of the support and such).
Abstract
Michael Medin is a senior architect and open source developer and has (among other things) written the de-facto agent for monitoring (among other things) windows based servers from (among other things) Nagios (NSClient++). In his not-so-spare time he works as a consultant building middle ware on mainly Oracle using Java, XML and various Web Service and REST technologies. When he is not working diligently at his computer he is often found riding his mountain bike along some rocky single track in the glorious Swedish countryside.
Michal has a blog which ca be found at http://blog.medin.name
Contact me
| Email: | michael at medin dot name |
| Phone: | +46 707 40 32 78 |
Mail (the slow kind)
Michael Medin Kommunalvaegen 20 5tr SE-141 61 HUDDINGE SWEDEN
Messengers
| EMail: | michael at medin dot name |
| MSN: | michael at medin dot name |
| XMPP: | mickem at medin dot name |
| GTalk: | mickem at gmail dot com |
| ICQ: | 1818494 |
| Skype: | michael.medin |
Communities
| LinkedIn?: | http://www.linkedin.com/in/mickem |
| Facebook: | http://www.facebook.com/medin.michael |
| Last.fm: | http://www.last.fm/user/mickem |
TracNav
About NSClient++ 0.4.x
NSClient++ has always attempted to be a generic agent built to support any ones needs. The original concept was to merge "nsclient" with "nrpe_nt". Due to inherent design issue sthe case was always a bit cramped and much was based around the inner working of NRPE. This has in 0.4.0 changed drastically one could argue that finally the idea behind a generic agent has finally become reality something which can be seen in the number of supported protocols. At launch of 0.4.0 we will support the following protocols with many more to come.
- Distributed NSCP
- Graphite
- NRPE
- NSCA
- NSClient (check_nt)
- NSCP
- SMTP
- Syslog
Message Exchange Concepts (paradigms)
To create a generic client it was important to find a few paradigms which are generic and extensible enough to facilitate various uses. In NSClient++ we currently support three main paradigms:
- query (status check) A Synchronous query MEP used to query system health (or other things)
- submissions (status report) A fire and forget MEP used to report status (or other things)
- execution (script execution) A Synchronous? execution MEP used to modify and change system aspects (or other things)
The idea is that these are more message exchange patterns and can be used for many things. For instance query could just as well be used for inventory and execution could easily be used to modify configuration and/or system properties.
Query
This is the common idea used in NRPE the main difference is that all limitations have been removed. It is now possible to send any length payload, any number of queries in one go as well as attach payload data etc etc.
Submission
This is the common idea used in NSCA which the main difference is that all limitations have been removed. It is now possible to send any length payload, any number of queries in one go as well as attach payload data etc etc.
Execution
This is very similar to query and the main difference is how it is used.
Summary
It is important to understand that these are not protocols they are paradigms. For instance internally there is no payload limit but if you check from Nagios using check_nrpe you are still stuck with the 1024 char limitation. So currently the "wonders of no limits" are not really useful to you (but this will change). But the main idea is to show the community that it is possible and hopefully as time goes on new protocols will emerge. It is also important to understand that a lot of these things can still be used with great benefits even now as you can use all this internally inside scripts and what not. So dont think that it is unimportant just because NRPE still has a payload limit.
Configuration Concepts
(Again) Since the goal was to make something which is flexible enough for everyone the settings subsystem allows you to do whatever you want (almost). We currently support five main different settings stores.
- old (legacy format used in 0.3.x versions)
- ini New version of the ini file wich supports all new options
- registry Windows registry (proper one this time) support.
- http (Currently very crude way to support loading remote configuration)
- dummy In-memory store which cannot be saved. (mainly used for scripts and such which will create a temporary run which does not require saving)
The "cool" thing about the whole concept is that on store can include another this means that if I want to keep my legacy "old" store I can simply create a include section which includes a ini file and thus have another file where I can place all new configuration settings. Or if I want to have the bulk of the config in the registry but allow an administrator the ability to override some keys locally we can (from the registry) include a file and vice verse.
The actual settings are key value pairs store in a hierarchical tree (much like the registry in that regards logical grouping). But of course we can still store this in a file thus the end result is:
[/settings/NSCA/client/targets/default] host=192.168.0.1 encryption=aes
Where you can notice the /settings/NSCA/client/targets/default which is the hierarchical path host is the key and 192.168.0.1 is the value.
For more details about configuration see the configuration section doc/configuration/0.4.x.
TODO This page is a quick place holder for a more in depth version which I will write at some point :)
TracNav
Installing NSClient++
This is a grooving process before it was all manual but slowly we are getting a more "automated" installation process so hopefully this will keep improving in the future as well and some of the steps might go away.
1. Installation
NSClient++ comes with an interactive installer (MSI) which should preferably be used. There is also a command line option for registering (and de-registering) the service -- for details refer to the manual installation guide. If you are using Windows NT4 there is some dependencies you need to install manually -- for details refer to the NT4 Dependency guide.
Details on how to do silent installs and automated silent installs can be found at the Installation Guide page.
Thus to install the Client you simply click the MSI package (for your platform) and follow the wizard through. BUT after you have installed it still needs to be configured as follows.
2. Configuration
Before you start NSClient++ you need to configure it by editing the configuration. The configuration is usually in a file called NSC.ini or nsclient.ini (depending on version). But where the configuration is actually stored can differ so the best way to make sure is to open the file called boot.ini which containes the order the file are loaded. It is also important top understand that configuration can include other configuration stores which means one file can for instance include the registry or some such. For details on the configuration options check the Configuration section of the wiki.
It is important to understand that out-of-the-box NSClient++ has no active configuration which means you NEED to be configured it before you can use it. This is for obviously because of security so no one will accidentally install this and get potential security issues on their servers.
3. System tray
The system tray has been temporarily removed in the 0.4.0 version it will be added bgack in a future version much improved. Since the system tray is not really an essential feature this is deemed low priority but the idea is to replace it with a configuration interface and proper client.
For 0.3.x you can still us either the old SystemTray module or the newer shared_session as before. For details on this see the System tray installation guide.
4. Testing and Debugging
After you have installed NSClient++ you need to start it. As it is a normal Windows service you can either use the "net start" and "net stop" commands in the command line or you can use the Computer Manager's Services node.
When you are starting and/or configuring your client you can use the "debug" mode which will be very helpful as you will see the debug log in "real time" when you play around with it. To start NSClient++ in test/debug mode use the following command: 0.4.x:
nscp test
0.3.x
NSClient++ /test
5. Windows Firewall
From version 0.3.8 and forward a windows firewall exception for NRPE is installed (optional) if you have another firewall then the built-in one you might have to manually add exceptions to all incoming traafic if you wich to use check_nrpe and/or check_nt.
6. External Firewall (optional)
Firewall configuration should be pretty straight forward:
- If you use NRPEServer (check_nrpe, NRPEListener) you need the NRPE port open (usually 5666) from the nagios server towards the client.
- If you use the NSClientServer (check_nt, NSClientListener) you need the (modified) NSClient port open (usually 12489) from the nagios server towards the client.
- If you use the NSCA Module (passive checks) you need the NSCA port open from the client towards the nagios server. client:* -> nagios:5667
- Also be aware that ports are configurable so if you override the defaults you obviously need to update the firewall rules accordingly.
- There a multitude of other protocol which you can also use with NSCLient++ (including, NRPE, NSCA, Syslog, SMTP, etc etc) so please review what your firewall setup in conjunction with you NSClient++ design.
| Protocol | Source | Source port | Destination | Destination port | Comment |
| NRPE | nagios | <all> | client | 5666 | The nagios server initiates a call to the client on port 5666 |
| NSClient | nagios | <all> | client | 12489 | The nagios server initiates a call to the client on port 12489 |
| NSCA | client | <all> | nagios | 5667 | The client initiates a call to the nagios server on port 5667 |
| NRPE-proxy | client | <all> | remote-client | 5666 | The client initiates a call to the remote client on port 5666 |
- nagios is the IP/host of the main nagios server
- client is the Windows computer where you have installed NSClient++
- remote-client is the "other" client you want to check from NSClient++ (using NSClient++ as a proxy)
All these ports can be changed -- check your nsc.ini.
TracNav
Installing NSClient++ 0.4.x
Using the MSI
The simplest way to install the 0.4.0 version is to use the MSI installer from the site.
Manually
You can install it manually as well (see the manual section?) using the zip distribution.
Linux
Installation for Linux is currently not "supported" so you essentially need to create an init.ds script manually currently.
TracNav
Manual Installation of NSClient++ 0.4.x
Manual installation requires a series of steps some of which can be automated. All this is automatic if you use the MSI file which makes this the easy choice.
The service can be controlled from the NSClient++ command line using the service mode so refer to that page for detailed options and references.
UNzip the files (and/or copy the service)
Unzip the zip and/or copy the files manually using the your favorite tool (I tend to op for "FAR Manager" myself)
Install the service
Service can be installed using the service mode from the command line.
nscp service --help
To install the service use the following command:
nscp service --install --name nscp
This will install the service with a short hand name of nscp this can be changed by altering the --name option.
Setup firewall exception
You need to manually exclude any ports you want to use (normally NRPE (5666)and NSClient (12489)) from the windows firewall.
Start service
Service can be started using the service mode from the command line.
nscp service --help
To install the service use the following command:
nscp service --start --name nscp
This will start the service with the short hand name of nscp this can be changed by altering the --name option.
TracNav
Dependencies for Windows NT4
Since windows NT4 is OLD (yes it is really old and you should think about upgrading) it has some dependencies which I have decided not to resolve easily. This means you need to install some Microsoft components to get tings up and running on Windows NT4.
Hopefully this should not be to hard and not cause you any problems.
PDH library (CPU, memory, etc etc)
NT4 does not come with the PDH library and you need to install that before using NSClient++. PDH can be downloaded from Microsoft: http://support.microsoft.com/default.aspx?scid=kb;en-us;Q284996 and the simplest way to install it is to uncompress it directly into the NSClient++ directory.
PSAPI (process checks)
NT4 (sometimes) lack the PSAPI helper which is available in the "Platform SDK Redistributable: PSAPI for Windows NT" from Microsoft. http://www.microsoft.com/downloads/details.aspx?FamilyID=3d1fbaed-d122-45cf-9d46-1cae384097ac as with the PDH either install in system32 or local NSClient++ directory.
TracNav
Configuration
The configuration is split into two page one for doc/configuration/0.3.x and one for doc/configuration/0.4.x
TracNav
-
Configuration 0.4.x
-
- REMOTE TARGET DEFINITIONS
- PDH COUNTER INFORMATION
- CLIENT HANDLER SECTION
- SYSLOG CLIENT SECTION
- PDH COUNTERS
- NSCA SERVER SECTION
- SMTP CLIENT SECTION
- TARGET DEFENITION
- CLIENT HANDLER SECTION
- TARGET DEFENITION
- LUA SCRIPTS SECTION
- LUA SCRIPTS SECTION
- REMOTE TARGET DEFINITIONS
- NSCLIENT SERVER SECTION
- TARGET DEFENITION
- REMOTE TARGET DEFINITIONS
- SCHEDULER SECTION
- REMOTE TARGET DEFINITIONS
- TARGET DEFENITION
- CLIENT HANDLER SECTION
- REMOTE TARGET DEFINITIONS
- CLIENT HANDLER SECTION
- GRAPHITE CLIENT SECTION
- TASK SCHEDULE
- SHRED SESSION
- LOG SECTION
- NSCA CLIENT SECTION
-
MODULES
- NSCA server (w/ encryption)
- CheckSystem
- CheckTaskSched
- Helper function
- NSCP server
- NSClient server
- NRPE server
- Helper function
- CheckTaskSched2
- CheckDisk
- NRPE client (w/ SSL)
- Scheduler
- PythonScript
- SMTPClient
- SyslogClient
- CheckWMI
- NSCAClient
- NSCP client (w/ SSL)
- Check External Scripts
- LUAScript
- NRDPClient
- Check NSCP
- Event log Checker.
- NSCAClient (without encryption support)
- CLIENT HANDLER SECTION
- EXTERNAL SCRIPT WRAPPINGS SECTION
- SCHEDULER SECTION
- REMOTE TARGET DEFINITIONS
- EXTERNAL SCRIPT SCRIPT SECTION
- CLIENT HANDLER SECTION
- EXTERNAL SCRIPT SECTION
- REMOTE TARGET DEFINITIONS
- TARGET DEFENITION
- CRASH SECTION
- SERVICE MAPPING SECTION
- SMTP CLIENT SECTION
- TARGET DEFENITION
- TARGET LIST SECTION
- LUA SCRIPT SECTION
- NSCP SERVER SECTION
- NRPE SERVER SECTION
- CONFIGURE REALTIME CHECKING
- WINDOWS CHECK SYSTEM
- EXTERNAL SCRIPT WRAPPED SCRIPTS SECTION
- NRPE CLIENT SECTION
- TARGET DEFENITION
- REALTIME FILTERS
- LOG SETTINGS
- CLIENT HANDLER SECTION
-
EXTERNAL SCRIPT ALIAS SECTION
- alias_file_size
- alias_sched_all
- alias_process_hung
- alias_service_ex
- alias_cpu_ex
- alias_sched_task
- alias_service
- alias_event_log
- alias_volumes_loose
- alias_file_age
- alias_process_stopped
- alias_disk
- alias_up
- alias_process_count
- alias_mem
- alias_disk_loose
- alias_cpu
- check_ok
- default
- alias_volumes
- alias_sched_long
- alias_updates
- alias_process
- NSCP CLIENT SECTION
- LUA SCRIPT SECTION
- EVENT LOG SECTION
-
Configuration 0.4.x
For older version please refer to doc/configuration/0.3.x
Configuration is fairly simple and straight forward. But due to flexibility the actual file may be placed in many locations and may not be a file at all (for instance the registry). Regardless of which store you have for configuration the end result is the same. The configuration will consist of a section (path) a key and a value. The path (section) is a hierarchical structure meaning you will find things like /foo/bar/baz or to make real examples /settings/NRPE/server. This is similar to how it was in older version except there we would only have had NRPE in the path (section) name. If your configuration is in a file (and most likely it is) you can edit it using a normal text editor (such as notepad or vi). The file is usually called nsc.ini or nsclient.ini (but this can be changed).
The configuration is as mentioned divided into sections (paths) each with a given name.
The various sections are described in short below. The default configuration file has a lot of examples and comments so make sure you change this before you use NSClient++ as some of the examples might be potential security issues.
Section: /settings/default
Keys:
| Key | Title | Description |
| cache allowed hosts | CACHE ALLOWED HOSTS | If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. |
| allowed hosts | ALLOWED HOSTS | A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. |
| inbox | INBOX | The default channel to post incoming messages on |
| timeout | TIMEOUT | Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. |
| password | PASSWORD | Password used to authenticate against server |
Advanced Keys:
| Key | Title | Description |
| certificate key | SSL CERTIFICATE | TODO |
| certificate format | CERTIFICATE FORMAT | TODO |
| certificate | SSL CERTIFICATE | TODO |
| verify mode | VERIFY MODE | TODO |
| ca | CA | TODO |
| bind to | BIND TO ADDRESS | Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. |
| thread pool | THREAD POOL | TODO |
| allowed ciphers | ALLOWED CIPHERS | TODO |
| socket queue size | LISTEN QUEUE | Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. |
| use ssl | ENABLE SSL ENCRYPTION | This option controls if SSL should be enabled. |
Sample:
#
#
[/settings/default]
# CACHE ALLOWED HOSTS
# If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server.
cache allowed hosts=1
# SSL CERTIFICATE
#
certificate key=${certificate-path}/certificate_key.pem
# CERTIFICATE FORMAT
#
certificate format=PEM
# SSL CERTIFICATE
#
certificate=${certificate-path}/certificate.pem
# VERIFY MODE
#
verify mode=none
# CA
#
ca=${certificate-path}/ca.pem
# BIND TO ADDRESS
# Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses.
bind to=
# ALLOWED HOSTS
# A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
allowed hosts=127.0.0.1
# THREAD POOL
#
thread pool=10
# ALLOWED CIPHERS
#
allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
# INBOX
# The default channel to post incoming messages on
inbox=inbox
# TIMEOUT
# Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
timeout=30
# LISTEN QUEUE
# Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts.
socket queue size=0
# PASSWORD
# Password used to authenticate against server
password=
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
use ssl=0
CACHE ALLOWED HOSTS
Description: If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server.
Key: cache allowed hosts
Default value: 1
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# CACHE ALLOWED HOSTS # If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. [NSCPServer] cache allowed hosts=1
SSL CERTIFICATE
Description:
Advanced: (means it is not commonly used)
Key: certificate key
Default value: ${certificate-path}/certificate_key.pem
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# SSL CERTIFICATE
#
[NSCPServer]
certificate key=${certificate-path}/certificate_key.pem
CERTIFICATE FORMAT
Description:
Advanced: (means it is not commonly used)
Key: certificate format
Default value: PEM
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# CERTIFICATE FORMAT # [NSCPServer] certificate format=PEM
SSL CERTIFICATE
Description:
Advanced: (means it is not commonly used)
Key: certificate
Default value: ${certificate-path}/certificate.pem
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# SSL CERTIFICATE
#
[NSCPServer]
certificate=${certificate-path}/certificate.pem
VERIFY MODE
Description:
Advanced: (means it is not commonly used)
Key: verify mode
Default value: none
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# VERIFY MODE # [NSCPServer] verify mode=none
CA
Description:
Advanced: (means it is not commonly used)
Key: ca
Default value: ${certificate-path}/ca.pem
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# CA
#
[NSCPServer]
ca=${certificate-path}/ca.pem
BIND TO ADDRESS
Description: Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses.
Advanced: (means it is not commonly used)
Key: bind to
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# BIND TO ADDRESS # Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. [NSCPServer] bind to=
ALLOWED HOSTS
Description: A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges.
Key: allowed hosts
Default value: 127.0.0.1
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# ALLOWED HOSTS # A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. [NSCPServer] allowed hosts=127.0.0.1
THREAD POOL
Description:
Advanced: (means it is not commonly used)
Key: thread pool
Default value: 10
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# THREAD POOL # [NSCPServer] thread pool=10
ALLOWED CIPHERS
Description:
Advanced: (means it is not commonly used)
Key: allowed ciphers
Default value: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# ALLOWED CIPHERS # [NSCPServer] allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
INBOX
Description: The default channel to post incoming messages on
Key: inbox
Default value: inbox
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# INBOX # The default channel to post incoming messages on [NSCPServer] inbox=inbox
TIMEOUT
Description: Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out.
Key: timeout
Default value: 30
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# TIMEOUT # Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. [NSCPServer] timeout=30
LISTEN QUEUE
Description: Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts.
Advanced: (means it is not commonly used)
Key: socket queue size
Default value: 0
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# LISTEN QUEUE # Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. [NSCPServer] socket queue size=0
PASSWORD
Description: Password used to authenticate against server
Key: password
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# PASSWORD # Password used to authenticate against server [NSCPServer] password=
ENABLE SSL ENCRYPTION
Description: This option controls if SSL should be enabled.
Advanced: (means it is not commonly used)
Key: use ssl
Default value: 0
Used by: NRPEServer, NSCAServer, NSClientServer, NSCPServer
Sample:
# ENABLE SSL ENCRYPTION # This option controls if SSL should be enabled. [NSCPServer] use ssl=0
REMOTE TARGET DEFINITIONS
Section: /settings/SMTP/client/targets
Sample:
# REMOTE TARGET DEFINITIONS # [/settings/SMTP/client/targets]
PDH COUNTER INFORMATION
Section: /settings/check/system/windows/pdh
Sample:
# PDH COUNTER INFORMATION # [/settings/check/system/windows/pdh]
CLIENT HANDLER SECTION
Section: /settings/graphite/client/handlers
Sample:
# CLIENT HANDLER SECTION # [/settings/graphite/client/handlers]
SYSLOG CLIENT SECTION
Section for SYSLOG passive check module.
Section: /settings/syslog/client
Keys:
| Key | Title | Description |
| hostname | HOSTNAME | The host name of this host if set to blank (default) the windows name of the computer will be used. |
| channel | CHANNEL | The channel to listen to. |
Sample:
# SYSLOG CLIENT SECTION # Section for SYSLOG passive check module. [/settings/syslog/client] # HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. hostname= # CHANNEL # The channel to listen to. channel=syslog
HOSTNAME
Description: The host name of this host if set to blank (default) the windows name of the computer will be used.
Key: hostname
Used by: SyslogClient
Sample:
# HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. [SyslogClient] hostname=
CHANNEL
Description: The channel to listen to.
Key: channel
Default value: syslog
Used by: SyslogClient
Sample:
# CHANNEL # The channel to listen to. [SyslogClient] channel=syslog
PDH COUNTERS
Section: /settings/check/system/windows/pdh/counters
Sample:
# PDH COUNTERS # [/settings/check/system/windows/pdh/counters]
NSCA SERVER SECTION
Section for NSCA (NSCAServer) (check_nsca) protocol options.
Section: /settings/NSCA/server
Keys:
| Key | Title | Description |
| encryption | ENCRYPTION | Encryption to use |
| payload length | PAYLOAD LENGTH | Length of payload to/from the NSCA agent. This is a hard specific value so you have to "configure" (read recompile) your NSCA agent to use the same value for it to work. |
| performance data | PERFORMANCE DATA | Send performance data back to nagios (set this to 0 to remove all performance data). |
| password | PASSWORD | Password to use |
| port | PORT NUMBER | Port to use for NSCA. |
Advanced Keys:
| Key | Title | Description |
| cache allowed hosts | CACHE ALLOWED HOSTS | If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| socket queue size | LISTEN QUEUE | Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| timeout | TIMEOUT | Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| bind to | BIND TO ADDRESS | Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| allowed hosts | ALLOWED HOSTS | A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| thread pool | THREAD POOL | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| inbox | INBOX | The default channel to post incoming messages on parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
Sample:
# NSCA SERVER SECTION # Section for NSCA (NSCAServer) (check_nsca) protocol options. [/settings/NSCA/server] # CACHE ALLOWED HOSTS # If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. cache allowed hosts=1 # LISTEN QUEUE # Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. socket queue size=0 # TIMEOUT # Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. timeout=30 # ENCRYPTION # Encryption to use encryption=aes # BIND TO ADDRESS # Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. bind to= # ALLOWED HOSTS # A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. allowed hosts=127.0.0.1 # THREAD POOL # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. thread pool=10 # PAYLOAD LENGTH # Length of payload to/from the NSCA agent. This is a hard specific value so you have to "configure" (read recompile) your NSCA agent to use the same value for it to work. payload length=512 # INBOX # The default channel to post incoming messages on parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. inbox=inbox # PERFORMANCE DATA # Send performance data back to nagios (set this to 0 to remove all performance data). performance data=1 # PASSWORD # Password to use password= # PORT NUMBER # Port to use for NSCA. port=5667
CACHE ALLOWED HOSTS
Description: If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: cache allowed hosts
Default value: 1
Used by: NSCAServer
Sample:
# CACHE ALLOWED HOSTS # If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCAServer] cache allowed hosts=1
LISTEN QUEUE
Description: Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: socket queue size
Default value: 0
Used by: NSCAServer
Sample:
# LISTEN QUEUE # Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCAServer] socket queue size=0
TIMEOUT
Description: Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: timeout
Default value: 30
Used by: NSCAServer
Sample:
# TIMEOUT # Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCAServer] timeout=30
ENCRYPTION
Description: Encryption to use
Key: encryption
Default value: aes
Used by: NSCAServer
Sample:
# ENCRYPTION # Encryption to use [NSCAServer] encryption=aes
BIND TO ADDRESS
Description: Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: bind to
Used by: NSCAServer
Sample:
# BIND TO ADDRESS # Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCAServer] bind to=
ALLOWED HOSTS
Description: A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: allowed hosts
Default value: 127.0.0.1
Used by: NSCAServer
Sample:
# ALLOWED HOSTS # A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCAServer] allowed hosts=127.0.0.1
THREAD POOL
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: thread pool
Default value: 10
Used by: NSCAServer
Sample:
# THREAD POOL # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCAServer] thread pool=10
PAYLOAD LENGTH
Description: Length of payload to/from the NSCA agent. This is a hard specific value so you have to "configure" (read recompile) your NSCA agent to use the same value for it to work.
Key: payload length
Default value: 512
Used by: NSCAServer
Sample:
# PAYLOAD LENGTH # Length of payload to/from the NSCA agent. This is a hard specific value so you have to "configure" (read recompile) your NSCA agent to use the same value for it to work. [NSCAServer] payload length=512
INBOX
Description: The default channel to post incoming messages on parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: inbox
Default value: inbox
Used by: NSCAServer
Sample:
# INBOX # The default channel to post incoming messages on parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCAServer] inbox=inbox
PERFORMANCE DATA
Description: Send performance data back to nagios (set this to 0 to remove all performance data).
Key: performance data
Default value: 1
Used by: NSCAServer
Sample:
# PERFORMANCE DATA # Send performance data back to nagios (set this to 0 to remove all performance data). [NSCAServer] performance data=1
PASSWORD
Description: Password to use
Key: password
Used by: NSCAServer
Sample:
# PASSWORD # Password to use [NSCAServer] password=
PORT NUMBER
Description: Port to use for NSCA.
Key: port
Default value: 5667
Used by: NSCAServer
Sample:
# PORT NUMBER # Port to use for NSCA. [NSCAServer] port=5667
SMTP CLIENT SECTION
Section for SMTP passive check module.
Section: /settings/NRDP/client
Keys:
| Key | Title | Description |
| hostname | HOSTNAME | The host name of this host if set to blank (default) the windows name of the computer will be used. |
| channel | CHANNEL | The channel to listen to. |
Sample:
# SMTP CLIENT SECTION # Section for SMTP passive check module. [/settings/NRDP/client] # HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. hostname=auto # CHANNEL # The channel to listen to. channel=NRDP
HOSTNAME
Description: The host name of this host if set to blank (default) the windows name of the computer will be used.
Key: hostname
Default value: auto
Used by: NRDPClient
Sample:
# HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. [NRDPClient] hostname=auto
CHANNEL
Description: The channel to listen to.
Key: channel
Default value: NRDP
Used by: NRDPClient
Sample:
# CHANNEL # The channel to listen to. [NRDPClient] channel=NRDP
TARGET DEFENITION
Target definition for: default
Section: /settings/syslog/client/targets/default
Keys:
| Key | Title | Description |
| ok severity | TODO | |
| severity | TODO | |
| facility | TODO | |
| critical severity | TODO | |
| message_syntax | TODO | |
| unknown severity | TODO | |
| tag_syntax | TODO | |
| address | TARGET ADDRESS | Target host address |
| warning severity | TODO |
Advanced Keys:
| Key | Title | Description |
| parent | TARGET PARENT | The parent the target inherits from |
| port | TARGET PORT | The target server port |
| alias | TARGET ALIAS | The alias for the target |
| host | TARGET HOST | The target server to report results to. |
| is template | IS TEMPLATE | Declare this object as a template (this means it will not be available as a separate object) |
Sample:
# TARGET DEFENITION # Target definition for: default [/settings/syslog/client/targets/default] # TODO # ok severity=informational # TODO # severity=error # TARGET PARENT # The parent the target inherits from parent=default # TODO # facility=kernel # TODO # critical severity=critical # TODO # message_syntax=%message% # TARGET PORT # The target server port port=0 # TARGET ALIAS # The alias for the target alias=default # TARGET HOST # The target server to report results to. host= # TODO # unknown severity=emergency # TODO # tag_syntax=NSCA # TARGET ADDRESS # Target host address address= # TODO # warning severity=warning # IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) is template=0
TODO
Description:
Key: ok severity
Default value: informational
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] ok severity=informational
TODO
Description:
Key: severity
Default value: error
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] severity=error
TARGET PARENT
Description: The parent the target inherits from
Advanced: (means it is not commonly used)
Key: parent
Default value: default
Used by: SyslogClient
Sample:
# TARGET PARENT # The parent the target inherits from [SyslogClient] parent=default
TODO
Description:
Key: facility
Default value: kernel
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] facility=kernel
TODO
Description:
Key: critical severity
Default value: critical
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] critical severity=critical
TODO
Description:
Key: message_syntax
Default value: %message%
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] message_syntax=%message%
TARGET PORT
Description: The target server port
Advanced: (means it is not commonly used)
Key: port
Default value: 0
Used by: SyslogClient
Sample:
# TARGET PORT # The target server port [SyslogClient] port=0
TARGET ALIAS
Description: The alias for the target
Advanced: (means it is not commonly used)
Key: alias
Default value: default
Used by: SyslogClient
Sample:
# TARGET ALIAS # The alias for the target [SyslogClient] alias=default
TARGET HOST
Description: The target server to report results to.
Advanced: (means it is not commonly used)
Key: host
Used by: SyslogClient
Sample:
# TARGET HOST # The target server to report results to. [SyslogClient] host=
TODO
Description:
Key: unknown severity
Default value: emergency
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] unknown severity=emergency
TODO
Description:
Key: tag_syntax
Default value: NSCA
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] tag_syntax=NSCA
TARGET ADDRESS
Description: Target host address
Key: address
Used by: SyslogClient
Sample:
# TARGET ADDRESS # Target host address [SyslogClient] address=
TODO
Description:
Key: warning severity
Default value: warning
Used by: SyslogClient
Sample:
# TODO # [SyslogClient] warning severity=warning
IS TEMPLATE
Description: Declare this object as a template (this means it will not be available as a separate object)
Advanced: (means it is not commonly used)
Key: is template
Default value: 0
Used by: SyslogClient
Sample:
# IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) [SyslogClient] is template=0
CLIENT HANDLER SECTION
Section: /settings/NSCA/client/handlers
Sample:
# CLIENT HANDLER SECTION # [/settings/NSCA/client/handlers]
TARGET DEFENITION
Target definition for: default
Section: /settings/graphite/client/targets/default
Keys:
| Key | Title | Description |
| address | TARGET ADDRESS | Target host address |
| path | PATH FOR VALUES |
Advanced Keys:
| Key | Title | Description |
| parent | TARGET PARENT | The parent the target inherits from |
| port | TARGET PORT | The target server port |
| alias | TARGET ALIAS | The alias for the target |
| host | TARGET HOST | The target server to report results to. |
| is template | IS TEMPLATE | Declare this object as a template (this means it will not be available as a separate object) |
Sample:
# TARGET DEFENITION
# Target definition for: default
[/settings/graphite/client/targets/default]
# TARGET PARENT
# The parent the target inherits from
parent=default
# TARGET PORT
# The target server port
port=0
# TARGET ALIAS
# The alias for the target
alias=default
# TARGET HOST
# The target server to report results to.
host=
# TARGET ADDRESS
# Target host address
address=
# PATH FOR VALUES
#
path=system.${hostname}.${check_alias}.${perf_alias}
# IS TEMPLATE
# Declare this object as a template (this means it will not be available as a separate object)
is template=0
TARGET PARENT
Description: The parent the target inherits from
Advanced: (means it is not commonly used)
Key: parent
Default value: default
Used by: GraphiteClient
Sample:
# TARGET PARENT # The parent the target inherits from [GraphiteClient] parent=default
TARGET PORT
Description: The target server port
Advanced: (means it is not commonly used)
Key: port
Default value: 0
Used by: GraphiteClient
Sample:
# TARGET PORT # The target server port [GraphiteClient] port=0
TARGET ALIAS
Description: The alias for the target
Advanced: (means it is not commonly used)
Key: alias
Default value: default
Used by: GraphiteClient
Sample:
# TARGET ALIAS # The alias for the target [GraphiteClient] alias=default
TARGET HOST
Description: The target server to report results to.
Advanced: (means it is not commonly used)
Key: host
Used by: GraphiteClient
Sample:
# TARGET HOST # The target server to report results to. [GraphiteClient] host=
TARGET ADDRESS
Description: Target host address
Key: address
Used by: GraphiteClient
Sample:
# TARGET ADDRESS # Target host address [GraphiteClient] address=
PATH FOR VALUES
Description:
Key: path
Default value: system.${hostname}.${check_alias}.${perf_alias}
Used by: GraphiteClient
Sample:
# PATH FOR VALUES
#
[GraphiteClient]
path=system.${hostname}.${check_alias}.${perf_alias}
IS TEMPLATE
Description: Declare this object as a template (this means it will not be available as a separate object)
Advanced: (means it is not commonly used)
Key: is template
Default value: 0
Used by: GraphiteClient
Sample:
# IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) [GraphiteClient] is template=0
LUA SCRIPTS SECTION
A list of scripts available to run from the PythonScript module.
Section: /settings/python/scripts
Sample:
# LUA SCRIPTS SECTION # A list of scripts available to run from the PythonScript module. [/settings/python/scripts]
LUA SCRIPTS SECTION
A list of scripts available to run from the LuaSCript module.
Section: /settings/lua/scripts
Sample:
# LUA SCRIPTS SECTION # A list of scripts available to run from the LuaSCript module. [/settings/lua/scripts]
REMOTE TARGET DEFINITIONS
Section: /settings/graphite/client/targets
Sample:
# REMOTE TARGET DEFINITIONS # [/settings/graphite/client/targets]
NSCLIENT SERVER SECTION
Section for NSClient (NSClientServer.dll) (check_nt) protocol options.
Section: /settings/NSClient/server
Keys:
| Key | Title | Description |
| performance data | PERFORMANCE DATA | Send performance data back to nagios (set this to 0 to remove all performance data). |
| port | PORT NUMBER | Port to use for check_nt. |
Advanced Keys:
| Key | Title | Description |
| cache allowed hosts | CACHE ALLOWED HOSTS | If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate key | SSL CERTIFICATE | TODO |
| certificate format | CERTIFICATE FORMAT | TODO |
| timeout | TIMEOUT | Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate | SSL CERTIFICATE | TODO |
| verify mode | VERIFY MODE | TODO |
| ca | CA | TODO |
| bind to | BIND TO ADDRESS | Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| allowed hosts | ALLOWED HOSTS | A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| thread pool | THREAD POOL | TODO |
| allowed ciphers | ALLOWED CIPHERS | TODO |
| socket queue size | LISTEN QUEUE | Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. |
| password | PASSWORD | Password used to authenticate against server parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| use ssl | ENABLE SSL ENCRYPTION | This option controls if SSL should be enabled. |
Sample:
# NSCLIENT SERVER SECTION
# Section for NSClient (NSClientServer.dll) (check_nt) protocol options.
[/settings/NSClient/server]
# CACHE ALLOWED HOSTS
# If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
cache allowed hosts=1
# SSL CERTIFICATE
#
certificate key=${certificate-path}/certificate_key.pem
# CERTIFICATE FORMAT
#
certificate format=PEM
# TIMEOUT
# Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
timeout=30
# SSL CERTIFICATE
#
certificate=${certificate-path}/certificate.pem
# VERIFY MODE
#
verify mode=none
# CA
#
ca=${certificate-path}/ca.pem
# BIND TO ADDRESS
# Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
bind to=
# ALLOWED HOSTS
# A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
allowed hosts=127.0.0.1
# THREAD POOL
#
thread pool=10
# ALLOWED CIPHERS
#
allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
# PERFORMANCE DATA
# Send performance data back to nagios (set this to 0 to remove all performance data).
performance data=1
# LISTEN QUEUE
# Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts.
socket queue size=0
# PASSWORD
# Password used to authenticate against server parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
password=
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
use ssl=0
# PORT NUMBER
# Port to use for check_nt.
port=12489
CACHE ALLOWED HOSTS
Description: If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: cache allowed hosts
Default value: 1
Used by: NSClientServer
Sample:
# CACHE ALLOWED HOSTS # If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSClientServer] cache allowed hosts=1
SSL CERTIFICATE
Description:
Advanced: (means it is not commonly used)
Key: certificate key
Default value: ${certificate-path}/certificate_key.pem
Used by: NSClientServer
Sample:
# SSL CERTIFICATE
#
[NSClientServer]
certificate key=${certificate-path}/certificate_key.pem
CERTIFICATE FORMAT
Description:
Advanced: (means it is not commonly used)
Key: certificate format
Default value: PEM
Used by: NSClientServer
Sample:
# CERTIFICATE FORMAT # [NSClientServer] certificate format=PEM
TIMEOUT
Description: Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: timeout
Default value: 30
Used by: NSClientServer
Sample:
# TIMEOUT # Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSClientServer] timeout=30
SSL CERTIFICATE
Description:
Advanced: (means it is not commonly used)
Key: certificate
Default value: ${certificate-path}/certificate.pem
Used by: NSClientServer
Sample:
# SSL CERTIFICATE
#
[NSClientServer]
certificate=${certificate-path}/certificate.pem
VERIFY MODE
Description:
Advanced: (means it is not commonly used)
Key: verify mode
Default value: none
Used by: NSClientServer
Sample:
# VERIFY MODE # [NSClientServer] verify mode=none
CA
Description:
Advanced: (means it is not commonly used)
Key: ca
Default value: ${certificate-path}/ca.pem
Used by: NSClientServer
Sample:
# CA
#
[NSClientServer]
ca=${certificate-path}/ca.pem
BIND TO ADDRESS
Description: Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: bind to
Used by: NSClientServer
Sample:
# BIND TO ADDRESS # Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSClientServer] bind to=
ALLOWED HOSTS
Description: A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: allowed hosts
Default value: 127.0.0.1
Used by: NSClientServer
Sample:
# ALLOWED HOSTS # A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSClientServer] allowed hosts=127.0.0.1
THREAD POOL
Description:
Advanced: (means it is not commonly used)
Key: thread pool
Default value: 10
Used by: NSClientServer
Sample:
# THREAD POOL # [NSClientServer] thread pool=10
ALLOWED CIPHERS
Description:
Advanced: (means it is not commonly used)
Key: allowed ciphers
Default value: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
Used by: NSClientServer
Sample:
# ALLOWED CIPHERS # [NSClientServer] allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
PERFORMANCE DATA
Description: Send performance data back to nagios (set this to 0 to remove all performance data).
Key: performance data
Default value: 1
Used by: NSClientServer
Sample:
# PERFORMANCE DATA # Send performance data back to nagios (set this to 0 to remove all performance data). [NSClientServer] performance data=1
LISTEN QUEUE
Description: Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts.
Advanced: (means it is not commonly used)
Key: socket queue size
Default value: 0
Used by: NSClientServer
Sample:
# LISTEN QUEUE # Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. [NSClientServer] socket queue size=0
PASSWORD
Description: Password used to authenticate against server parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: password
Used by: NSClientServer
Sample:
# PASSWORD # Password used to authenticate against server parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSClientServer] password=
ENABLE SSL ENCRYPTION
Description: This option controls if SSL should be enabled.
Advanced: (means it is not commonly used)
Key: use ssl
Default value: 0
Used by: NSClientServer
Sample:
# ENABLE SSL ENCRYPTION # This option controls if SSL should be enabled. [NSClientServer] use ssl=0
PORT NUMBER
Description: Port to use for check_nt.
Key: port
Default value: 12489
Used by: NSClientServer
Sample:
# PORT NUMBER # Port to use for check_nt. [NSClientServer] port=12489
TARGET DEFENITION
Target definition for: default
Section: /settings/NRDP/client/targets/default
Keys:
| Key | Title | Description |
| sender | SENDER | Sender of email message |
| timeout | TIMEOUT | Timeout when reading/writing packets to/from sockets. |
| template | TEMPLATE | Template for message data |
| address | TARGET ADDRESS | Target host address |
| recipient | RECIPIENT | Recipient of email message |
Advanced Keys:
| Key | Title | Description |
| parent | TARGET PARENT | The parent the target inherits from |
| is template | IS TEMPLATE | Declare this object as a template (this means it will not be available as a separate object) |
| alias | TARGET ALIAS | The alias for the target |
| host | TARGET HOST | The target server to report results to. |
| port | TARGET PORT | The target server port |
Sample:
# TARGET DEFENITION # Target definition for: default [/settings/NRDP/client/targets/default] # SENDER # Sender of email message sender=nscp@localhost # TARGET PARENT # The parent the target inherits from parent=default # TIMEOUT # Timeout when reading/writing packets to/from sockets. timeout=30 # IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) is template=0 # TARGET ALIAS # The alias for the target alias=default # TARGET HOST # The target server to report results to. host= # TEMPLATE # Template for message data template=Hello, this is %source% reporting %message%! # TARGET ADDRESS # Target host address address= # RECIPIENT # Recipient of email message recipient=nscp@localhost # TARGET PORT # The target server port port=0
SENDER
Description: Sender of email message
Key: sender
Default value: nscp@localhost
Used by: NRDPClient
Sample:
# SENDER # Sender of email message [NRDPClient] sender=nscp@localhost
TARGET PARENT
Description: The parent the target inherits from
Advanced: (means it is not commonly used)
Key: parent
Default value: default
Used by: NRDPClient
Sample:
# TARGET PARENT # The parent the target inherits from [NRDPClient] parent=default
TIMEOUT
Description: Timeout when reading/writing packets to/from sockets.
Key: timeout
Default value: 30
Used by: NRDPClient
Sample:
# TIMEOUT # Timeout when reading/writing packets to/from sockets. [NRDPClient] timeout=30
IS TEMPLATE
Description: Declare this object as a template (this means it will not be available as a separate object)
Advanced: (means it is not commonly used)
Key: is template
Default value: 0
Used by: NRDPClient
Sample:
# IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) [NRDPClient] is template=0
TARGET ALIAS
Description: The alias for the target
Advanced: (means it is not commonly used)
Key: alias
Default value: default
Used by: NRDPClient
Sample:
# TARGET ALIAS # The alias for the target [NRDPClient] alias=default
TARGET HOST
Description: The target server to report results to.
Advanced: (means it is not commonly used)
Key: host
Used by: NRDPClient
Sample:
# TARGET HOST # The target server to report results to. [NRDPClient] host=
TEMPLATE
Description: Template for message data
Key: template
Default value: Hello, this is %source% reporting %message%!
Used by: NRDPClient
Sample:
# TEMPLATE # Template for message data [NRDPClient] template=Hello, this is %source% reporting %message%!
TARGET ADDRESS
Description: Target host address
Key: address
Used by: NRDPClient
Sample:
# TARGET ADDRESS # Target host address [NRDPClient] address=
RECIPIENT
Description: Recipient of email message
Key: recipient
Default value: nscp@localhost
Used by: NRDPClient
Sample:
# RECIPIENT # Recipient of email message [NRDPClient] recipient=nscp@localhost
TARGET PORT
Description: The target server port
Advanced: (means it is not commonly used)
Key: port
Default value: 0
Used by: NRDPClient
Sample:
# TARGET PORT # The target server port [NRDPClient] port=0
REMOTE TARGET DEFINITIONS
Section: /settings/NRPE/client/targets
Sample:
# REMOTE TARGET DEFINITIONS # [/settings/NRPE/client/targets]
SCHEDULER SECTION
Section for the Scheduler module.
Section: /settings/scheduler/schedules
Sample:
# SCHEDULER SECTION # Section for the Scheduler module. [/settings/scheduler/schedules]
REMOTE TARGET DEFINITIONS
Section: /settings/nscp/client/targets
Sample:
# REMOTE TARGET DEFINITIONS # [/settings/nscp/client/targets]
TARGET DEFENITION
Target definition for: default
Section: /settings/nscp/client/targets/default
Keys:
| Key | Title | Description |
| certificate | SSL CERTIFICATE | |
| timeout | TIMEOUT | Timeout when reading/writing packets to/from sockets. |
| address | TARGET ADDRESS | Target host address |
| use ssl | ENABLE SSL ENCRYPTION | This option controls if SSL should be enabled. |
Advanced Keys:
| Key | Title | Description |
| parent | TARGET PARENT | The parent the target inherits from |
| port | TARGET PORT | The target server port |
| alias | TARGET ALIAS | The alias for the target |
| host | TARGET HOST | The target server to report results to. |
| is template | IS TEMPLATE | Declare this object as a template (this means it will not be available as a separate object) |
Sample:
# TARGET DEFENITION
# Target definition for: default
[/settings/nscp/client/targets/default]
# SSL CERTIFICATE
#
certificate=${certificate-path}/nrpe_dh_512.pem
# TARGET PARENT
# The parent the target inherits from
parent=default
# TARGET PORT
# The target server port
port=0
# TARGET ALIAS
# The alias for the target
alias=default
# TARGET HOST
# The target server to report results to.
host=
# TIMEOUT
# Timeout when reading/writing packets to/from sockets.
timeout=30
# TARGET ADDRESS
# Target host address
address=
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
use ssl=1
# IS TEMPLATE
# Declare this object as a template (this means it will not be available as a separate object)
is template=0
SSL CERTIFICATE
Description:
Key: certificate
Default value: ${certificate-path}/nrpe_dh_512.pem
Used by: NSCPClient
Sample:
# SSL CERTIFICATE
#
[NSCPClient]
certificate=${certificate-path}/nrpe_dh_512.pem
TARGET PARENT
Description: The parent the target inherits from
Advanced: (means it is not commonly used)
Key: parent
Default value: default
Used by: NSCPClient
Sample:
# TARGET PARENT # The parent the target inherits from [NSCPClient] parent=default
TARGET PORT
Description: The target server port
Advanced: (means it is not commonly used)
Key: port
Default value: 0
Used by: NSCPClient
Sample:
# TARGET PORT # The target server port [NSCPClient] port=0
TARGET ALIAS
Description: The alias for the target
Advanced: (means it is not commonly used)
Key: alias
Default value: default
Used by: NSCPClient
Sample:
# TARGET ALIAS # The alias for the target [NSCPClient] alias=default
TARGET HOST
Description: The target server to report results to.
Advanced: (means it is not commonly used)
Key: host
Used by: NSCPClient
Sample:
# TARGET HOST # The target server to report results to. [NSCPClient] host=
TIMEOUT
Description: Timeout when reading/writing packets to/from sockets.
Key: timeout
Default value: 30
Used by: NSCPClient
Sample:
# TIMEOUT # Timeout when reading/writing packets to/from sockets. [NSCPClient] timeout=30
TARGET ADDRESS
Description: Target host address
Key: address
Used by: NSCPClient
Sample:
# TARGET ADDRESS # Target host address [NSCPClient] address=
ENABLE SSL ENCRYPTION
Description: This option controls if SSL should be enabled.
Key: use ssl
Default value: 1
Used by: NSCPClient
Sample:
# ENABLE SSL ENCRYPTION # This option controls if SSL should be enabled. [NSCPClient] use ssl=1
IS TEMPLATE
Description: Declare this object as a template (this means it will not be available as a separate object)
Advanced: (means it is not commonly used)
Key: is template
Default value: 0
Used by: NSCPClient
Sample:
# IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) [NSCPClient] is template=0
CLIENT HANDLER SECTION
Section: /settings/NRPE/client/handlers
Sample:
# CLIENT HANDLER SECTION # [/settings/NRPE/client/handlers]
REMOTE TARGET DEFINITIONS
Section: /settings/NRDP/client/targets
Sample:
# REMOTE TARGET DEFINITIONS # [/settings/NRDP/client/targets]
CLIENT HANDLER SECTION
Section: /settings/NRDP/client/handlers
Sample:
# CLIENT HANDLER SECTION # [/settings/NRDP/client/handlers]
GRAPHITE CLIENT SECTION
Section for graphite passive check module.
Section: /settings/graphite/client
Keys:
| Key | Title | Description |
| hostname | HOSTNAME | The host name of this host if set to blank (default) the windows name of the computer will be used. |
| channel | CHANNEL | The channel to listen to. |
Sample:
# GRAPHITE CLIENT SECTION # Section for graphite passive check module. [/settings/graphite/client] # HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. hostname=auto # CHANNEL # The channel to listen to. channel=GRAPHITE
HOSTNAME
Description: The host name of this host if set to blank (default) the windows name of the computer will be used.
Key: hostname
Default value: auto
Used by: GraphiteClient
Sample:
# HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. [GraphiteClient] hostname=auto
CHANNEL
Description: The channel to listen to.
Key: channel
Default value: GRAPHITE
Used by: GraphiteClient
Sample:
# CHANNEL # The channel to listen to. [GraphiteClient] channel=GRAPHITE
TASK SCHEDULE
Section for system checks and system settings
Section: /settings/check/task schedule
Keys:
| Key | Title | Description |
| default buffer length | SYNTAX | Set this to use a specific syntax string for all commands (that don't specify one) |
Sample:
# TASK SCHEDULE # Section for system checks and system settings [/settings/check/task schedule] # SYNTAX # Set this to use a specific syntax string for all commands (that don't specify one) default buffer length=%title% last run: %most-recent-run-time% (%exit-code%)
SYNTAX
Description: Set this to use a specific syntax string for all commands (that don't specify one)
Key: default buffer length
Default value: %title% last run: %most-recent-run-time% (%exit-code%)
Used by: CheckTaskSched, CheckTaskSched2
Sample:
# SYNTAX # Set this to use a specific syntax string for all commands (that don't specify one) [CheckTaskSched2] default buffer length=%title% last run: %most-recent-run-time% (%exit-code%)
SHRED SESSION
Section for configuring the shared session.
Section: /settings/shared session
Keys:
| Key | Title | Description |
| enabled | LOG LEVEL | Log level to use |
Sample:
# SHRED SESSION # Section for configuring the shared session. [/settings/shared session] # LOG LEVEL # Log level to use enabled=0
LOG LEVEL
Description: Log level to use
Key: enabled
Default value: 0
Used by: [[]]
Sample:
# LOG LEVEL # Log level to use [] enabled=0
LOG SECTION
Configure log file properties.
Section: /settings/log/file
Keys:
| Key | Title | Description |
| max size | MAXIMUM FILE SIZE | When file size reaches this it will be truncated to 50% if set to 0 (default) truncation will be disabled |
Sample:
# LOG SECTION # Configure log file properties. [/settings/log/file] # MAXIMUM FILE SIZE # When file size reaches this it will be truncated to 50% if set to 0 (default) truncation will be disabled max size=0
MAXIMUM FILE SIZE
Description: When file size reaches this it will be truncated to 50% if set to 0 (default) truncation will be disabled
Key: max size
Default value: 0
Used by: [[]]
Sample:
# MAXIMUM FILE SIZE # When file size reaches this it will be truncated to 50% if set to 0 (default) truncation will be disabled [] max size=0
NSCA CLIENT SECTION
Section for NSCA passive check module.
Section: /settings/NSCA/client
Keys:
| Key | Title | Description |
| hostname | HOSTNAME | The host name of this host if set to blank (default) the windows name of the computer will be used. |
| channel | CHANNEL | The channel to listen to. |
Advanced Keys:
| Key | Title | Description |
| delay | DELAY | TODO |
Sample:
# NSCA CLIENT SECTION # Section for NSCA passive check module. [/settings/NSCA/client] # DELAY # delay=0 # HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. hostname=auto # CHANNEL # The channel to listen to. channel=NSCA
DELAY
Description:
Advanced: (means it is not commonly used)
Key: delay
Default value: 0
Used by: NSCAClient
Sample:
# DELAY # [NSCAClient] delay=0
HOSTNAME
Description: The host name of this host if set to blank (default) the windows name of the computer will be used.
Key: hostname
Default value: auto
Used by: NSCAClient
Sample:
# HOSTNAME # The host name of this host if set to blank (default) the windows name of the computer will be used. [NSCAClient] hostname=auto
CHANNEL
Description: The channel to listen to.
Key: channel
Default value: NSCA
Used by: NSCAClient
Sample:
# CHANNEL # The channel to listen to. [NSCAClient] channel=NSCA
MODULES
A list of modules.
Section: /modules
Keys:
| Key | Title | Description |
| NSCAServer | NSCA server (w/ encryption) | A simple server that listens for incoming NSCA connection and handles them. |
available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
| CheckSystem | CheckSystem | Various system related checks, such as CPU load, process state, service state memory usage and PDH counters. |
| CheckTaskSched | CheckTaskSched | CheckTaskSched can check various file and disk related things. |
The current version has commands to check Size of hard drives and directories.
| CheckHelpers | Helper function | Various helper function to extend other checks. |
This is also only supported through NRPE.
| NSCPServer | NSCP server | A simple server that listens for incoming NSCP connection and handles them. |
| NSClientServer | NSClient server | A simple server that listens for incoming NSClient (check_nt) connection and handles them. |
Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility.
| NRPEServer | NRPE server | A simple server that listens for incoming NRPE connection and handles them. |
| CauseCrashes | Helper function | Various helper function to extend other checks. |
This is also only supported through NRPE.
| CheckTaskSched2 | CheckTaskSched2 | CheckTaskSched2 can check various file and disk related things. |
The current version has commands to check Size of hard drives and directories.
| CheckDisk | CheckDisk | CheckDisk can check various file and disk related things. |
The current version has commands to check Size of hard drives and directories.
| NRPEClient | NRPE client (w/ SSL) | A simple client for checking remote NRPE servers (think proxy). |
| Scheduler | Scheduler | A scheduler which schedules checks at regular intervals |
| PythonScript | PythonScript | PythonScript... |
| SMTPClient | SMTPClient | Passive check support via SMTP |
| SyslogClient | SyslogClient | Passive check support via Syslog |
| CheckWMI | CheckWMI | CheckWMI can check various file and disk related things. |
The current version has commands to check Size of hard drives and directories.
| NSCAClient | NSCAClient | Passive check support over NSCA. |
available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
| NSCPClient | NSCP client (w/ SSL) | A simple client for checking remote NSCP servers (think proxy). |
| CheckExternalScripts | Check External Scripts | A simple wrapper to run external scripts and batch files. |
| LUAScript | LUAScript | LUAScript... |
| NRDPClient | NRDPClient | Passive check support over NRDP |
| CheckNSCP | Check NSCP | Checkes the state of the agent |
| CheckEventLog | Event log Checker. | Check for errors and warnings in the event log. |
This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
| GraphiteClient | NSCAClient (without encryption support) | Graphite client |
Sample:
# MODULES
# A list of modules.
[/modules]
# NSCA server (w/ encryption)
# A simple server that listens for incoming NSCA connection and handles them.
available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
NSCAServer=0
# CheckSystem
# Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
CheckSystem=0
# CheckTaskSched
# CheckTaskSched can check various file and disk related things.
The current version has commands to check Size of hard drives and directories.
CheckTaskSched=0
# Helper function
# Various helper function to extend other checks.
This is also only supported through NRPE.
CheckHelpers=0
# NSCP server
# A simple server that listens for incoming NSCP connection and handles them.
NSCPServer=0
# NSClient server
# A simple server that listens for incoming NSClient (check_nt) connection and handles them.
Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility.
NSClientServer=0
# NRPE server
# A simple server that listens for incoming NRPE connection and handles them.
NRPEServer=0
# Helper function
# Various helper function to extend other checks.
This is also only supported through NRPE.
CauseCrashes=0
# CheckTaskSched2
# CheckTaskSched2 can check various file and disk related things.
The current version has commands to check Size of hard drives and directories.
CheckTaskSched2=0
# CheckDisk
# CheckDisk can check various file and disk related things.
The current version has commands to check Size of hard drives and directories.
CheckDisk=0
# NRPE client (w/ SSL)
# A simple client for checking remote NRPE servers (think proxy).
NRPEClient=0
# Scheduler
# A scheduler which schedules checks at regular intervals
Scheduler=0
# PythonScript
# PythonScript...
PythonScript=0
# SMTPClient
# Passive check support via SMTP
SMTPClient=0
# SyslogClient
# Passive check support via Syslog
SyslogClient=0
# CheckWMI
# CheckWMI can check various file and disk related things.
The current version has commands to check Size of hard drives and directories.
CheckWMI=0
# NSCAClient
# Passive check support over NSCA.
available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
NSCAClient=0
# NSCP client (w/ SSL)
# A simple client for checking remote NSCP servers (think proxy).
NSCPClient=0
# Check External Scripts
# A simple wrapper to run external scripts and batch files.
CheckExternalScripts=0
# LUAScript
# LUAScript...
LUAScript=0
# NRDPClient
# Passive check support over NRDP
NRDPClient=0
# Check NSCP
# Checkes the state of the agent
CheckNSCP=0
# Event log Checker.
# Check for errors and warnings in the event log.
This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
CheckEventLog=0
# NSCAClient (without encryption support)
# Graphite client
GraphiteClient=0
NSCA server (w/ encryption)
Description: A simple server that listens for incoming NSCA connection and handles them. available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
Key: NSCAServer
Default value: 0
Used by: [[]]
Sample:
# NSCA server (w/ encryption)
# A simple server that listens for incoming NSCA connection and handles them.
available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
[]
NSCAServer=0
CheckSystem
Description: Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
Key: CheckSystem
Default value: 0
Used by: [[]]
Sample:
# CheckSystem # Various system related checks, such as CPU load, process state, service state memory usage and PDH counters. [] CheckSystem=0
CheckTaskSched
Description: CheckTaskSched can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
Key: CheckTaskSched
Default value: 0
Used by: [[]]
Sample:
# CheckTaskSched # CheckTaskSched can check various file and disk related things. The current version has commands to check Size of hard drives and directories. [] CheckTaskSched=0
Helper function
Description: Various helper function to extend other checks. This is also only supported through NRPE.
Key: CheckHelpers
Default value: 0
Used by: [[]]
Sample:
# Helper function # Various helper function to extend other checks. This is also only supported through NRPE. [] CheckHelpers=0
NSCP server
Description: A simple server that listens for incoming NSCP connection and handles them.
Key: NSCPServer
Default value: 0
Used by: [[]]
Sample:
# NSCP server # A simple server that listens for incoming NSCP connection and handles them. [] NSCPServer=0
NSClient server
Description: A simple server that listens for incoming NSClient (check_nt) connection and handles them. Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility.
Key: NSClientServer
Default value: 0
Used by: [[]]
Sample:
# NSClient server # A simple server that listens for incoming NSClient (check_nt) connection and handles them. Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility. [] NSClientServer=0
NRPE server
Description: A simple server that listens for incoming NRPE connection and handles them.
Key: NRPEServer
Default value: 0
Used by: [[]]
Sample:
# NRPE server # A simple server that listens for incoming NRPE connection and handles them. [] NRPEServer=0
Helper function
Description: Various helper function to extend other checks. This is also only supported through NRPE.
Key: CauseCrashes
Default value: 0
Used by: [[]]
Sample:
# Helper function # Various helper function to extend other checks. This is also only supported through NRPE. [] CauseCrashes=0
CheckTaskSched2
Description: CheckTaskSched2 can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
Key: CheckTaskSched2
Default value: 0
Used by: [[]]
Sample:
# CheckTaskSched2 # CheckTaskSched2 can check various file and disk related things. The current version has commands to check Size of hard drives and directories. [] CheckTaskSched2=0
CheckDisk
Description: CheckDisk can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
Key: CheckDisk
Default value: 0
Used by: [[]]
Sample:
# CheckDisk # CheckDisk can check various file and disk related things. The current version has commands to check Size of hard drives and directories. [] CheckDisk=0
NRPE client (w/ SSL)
Description: A simple client for checking remote NRPE servers (think proxy).
Key: NRPEClient
Default value: 0
Used by: [[]]
Sample:
# NRPE client (w/ SSL) # A simple client for checking remote NRPE servers (think proxy). [] NRPEClient=0
Scheduler
Description: A scheduler which schedules checks at regular intervals
Key: Scheduler
Default value: 0
Used by: [[]]
Sample:
# Scheduler # A scheduler which schedules checks at regular intervals [] Scheduler=0
PythonScript
Description: PythonScript...
Key: PythonScript
Default value: 0
Used by: [[]]
Sample:
# PythonScript # PythonScript... [] PythonScript=0
SMTPClient
Description: Passive check support via SMTP
Key: SMTPClient
Default value: 0
Used by: [[]]
Sample:
# SMTPClient # Passive check support via SMTP [] SMTPClient=0
SyslogClient
Description: Passive check support via Syslog
Key: SyslogClient
Default value: 0
Used by: [[]]
Sample:
# SyslogClient # Passive check support via Syslog [] SyslogClient=0
CheckWMI
Description: CheckWMI can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
Key: CheckWMI
Default value: 0
Used by: [[]]
Sample:
# CheckWMI # CheckWMI can check various file and disk related things. The current version has commands to check Size of hard drives and directories. [] CheckWMI=0
NSCAClient
Description: Passive check support over NSCA. available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
Key: NSCAClient
Default value: 0
Used by: [[]]
Sample:
# NSCAClient
# Passive check support over NSCA.
available crypto are: {0=No Encryption (not safe), 1=XOR, 2=DES, 3=DES-EDE3, 4=CAST-128, 6=XTEA, 8=Blowfish, 9=Twofish, 11=RC2, 14=AES, 15=AES, 16=AES, 20=Serpent, 23=GOST}
[]
NSCAClient=0
NSCP client (w/ SSL)
Description: A simple client for checking remote NSCP servers (think proxy).
Key: NSCPClient
Default value: 0
Used by: [[]]
Sample:
# NSCP client (w/ SSL) # A simple client for checking remote NSCP servers (think proxy). [] NSCPClient=0
Check External Scripts
Description: A simple wrapper to run external scripts and batch files.
Key: CheckExternalScripts
Default value: 0
Used by: [[]]
Sample:
# Check External Scripts # A simple wrapper to run external scripts and batch files. [] CheckExternalScripts=0
LUAScript
Description: LUAScript...
Key: LUAScript
Default value: 0
Used by: [[]]
Sample:
# LUAScript # LUAScript... [] LUAScript=0
NRDPClient
Description: Passive check support over NRDP
Key: NRDPClient
Default value: 0
Used by: [[]]
Sample:
# NRDPClient # Passive check support over NRDP [] NRDPClient=0
Check NSCP
Description: Checkes the state of the agent
Key: CheckNSCP
Default value: 0
Used by: [[]]
Sample:
# Check NSCP # Checkes the state of the agent [] CheckNSCP=0
Event log Checker.
Description: Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
Key: CheckEventLog
Default value: 0
Used by: [[]]
Sample:
# Event log Checker. # Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all. [] CheckEventLog=0
NSCAClient (without encryption support)
Description: Graphite client
Key: GraphiteClient
Default value: 0
Used by: [[]]
Sample:
# NSCAClient (without encryption support) # Graphite client [] GraphiteClient=0
CLIENT HANDLER SECTION
Section: /settings/SMTP/client/handlers
Sample:
# CLIENT HANDLER SECTION # [/settings/SMTP/client/handlers]
EXTERNAL SCRIPT WRAPPINGS SECTION
A list of templates for wrapped scripts
Section: /settings/external scripts/wrappings
Keys:
| Key | Title | Description |
| vbs | VISUAL BASIC WRAPPING | |
| bat | BATCH FILE WRAPPING | |
| ps1 | POWERSHELL WRAPPING |
Sample:
# EXTERNAL SCRIPT WRAPPINGS SECTION # A list of templates for wrapped scripts [/settings/external scripts/wrappings] # VISUAL BASIC WRAPPING # vbs=cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS% # BATCH FILE WRAPPING # bat=scripts\\%SCRIPT% %ARGS% # POWERSHELL WRAPPING # ps1=cmd /c echo scripts\\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
VISUAL BASIC WRAPPING
Description:
Key: vbs
Default value: cscript.exe T:30 NoLogo scripts
lib
wrapper.vbs %SCRIPT% %ARGS%
Used by: CheckExternalScripts
Sample:
# VISUAL BASIC WRAPPING # [CheckExternalScripts] vbs=cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%
BATCH FILE WRAPPING
Description:
Key: bat
Default value: scripts
%SCRIPT% %ARGS%
Used by: CheckExternalScripts
Sample:
# BATCH FILE WRAPPING # [CheckExternalScripts] bat=scripts\\%SCRIPT% %ARGS%
POWERSHELL WRAPPING
Description:
Key: ps1
Default value: cmd /c echo scripts
%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
Used by: CheckExternalScripts
Sample:
# POWERSHELL WRAPPING # [CheckExternalScripts] ps1=cmd /c echo scripts\\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -
SCHEDULER SECTION
Section for the Scheduler module.
Section: /settings/scheduler
Keys:
| Key | Title | Description |
| threads | THREAD COUNT | Number of threads to use. |
Sample:
# SCHEDULER SECTION # Section for the Scheduler module. [/settings/scheduler] # THREAD COUNT # Number of threads to use. threads=5
THREAD COUNT
Description: Number of threads to use.
Key: threads
Default value: 5
Used by: Scheduler
Sample:
# THREAD COUNT # Number of threads to use. [Scheduler] threads=5
REMOTE TARGET DEFINITIONS
Section: /settings/NSCA/client/targets
Sample:
# REMOTE TARGET DEFINITIONS # [/settings/NSCA/client/targets]
EXTERNAL SCRIPT SCRIPT SECTION
A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments>
Section: /settings/external scripts/scripts
Sample:
# EXTERNAL SCRIPT SCRIPT SECTION # A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments> [/settings/external scripts/scripts]
CLIENT HANDLER SECTION
Section: /settings/nscp/client/handlers
Sample:
# CLIENT HANDLER SECTION # [/settings/nscp/client/handlers]
EXTERNAL SCRIPT SECTION
Section for external scripts configuration options (CheckExternalScripts).
Section: /settings/external scripts
Keys:
| Key | Title | Description |
| timeout | COMMAND TIMEOUT | The maximum time in seconds that a command can execute. (if more than this execution will be aborted). NOTICE this only affects external commands not internal ones. |
| allow arguments | COMMAND ARGUMENT PROCESSING | This option determines whether or not we will allow clients to specify arguments to commands that are executed. |
| script path | SCRIPT DIRECTORY | Load all scripts in a directory and use them as commands. Probably dangerous but useful if you have loads of scripts :) |
| allow nasty characters | COMMAND ALLOW NASTY META CHARS | This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. |
Sample:
# EXTERNAL SCRIPT SECTION
# Section for external scripts configuration options (CheckExternalScripts).
[/settings/external scripts]
# COMMAND TIMEOUT
# The maximum time in seconds that a command can execute. (if more than this execution will be aborted). NOTICE this only affects external commands not internal ones.
timeout=60
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not we will allow clients to specify arguments to commands that are executed.
allow arguments=0
# SCRIPT DIRECTORY
# Load all scripts in a directory and use them as commands. Probably dangerous but useful if you have loads of scripts :)
script path=
# COMMAND ALLOW NASTY META CHARS
# This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters=0
COMMAND TIMEOUT
Description: The maximum time in seconds that a command can execute. (if more than this execution will be aborted). NOTICE this only affects external commands not internal ones.
Key: timeout
Default value: 60
Used by: CheckExternalScripts
Sample:
# COMMAND TIMEOUT # The maximum time in seconds that a command can execute. (if more than this execution will be aborted). NOTICE this only affects external commands not internal ones. [CheckExternalScripts] timeout=60
COMMAND ARGUMENT PROCESSING
Description: This option determines whether or not we will allow clients to specify arguments to commands that are executed.
Key: allow arguments
Default value: 0
Used by: CheckExternalScripts
Sample:
# COMMAND ARGUMENT PROCESSING # This option determines whether or not we will allow clients to specify arguments to commands that are executed. [CheckExternalScripts] allow arguments=0
SCRIPT DIRECTORY
Description: Load all scripts in a directory and use them as commands. Probably dangerous but useful if you have loads of scripts :)
Key: script path
Used by: CheckExternalScripts
Sample:
# SCRIPT DIRECTORY # Load all scripts in a directory and use them as commands. Probably dangerous but useful if you have loads of scripts :) [CheckExternalScripts] script path=
COMMAND ALLOW NASTY META CHARS
Description: This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
Key: allow nasty characters
Default value: 0
Used by: CheckExternalScripts
Sample:
# COMMAND ALLOW NASTY META CHARS
# This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
[CheckExternalScripts]
allow nasty characters=0
REMOTE TARGET DEFINITIONS
Section: /settings/syslog/client/targets
Sample:
# REMOTE TARGET DEFINITIONS # [/settings/syslog/client/targets]
TARGET DEFENITION
Target definition for: default
Section: /settings/NSCA/client/targets/default
Keys:
| Key | Title | Description |
| encryption | ENCRYPTION METHOD | Number corresponding to the various encryption algorithms (see the wiki). Has to be the same as the server or it wont work at all. |
| timeout | TIMEOUT | Timeout when reading/writing packets to/from sockets. |
| address | TARGET ADDRESS | Target host address |
| password | PASSWORD | The password to use. Again has to be the same as the server or it wont work at all. |
Advanced Keys:
| Key | Title | Description |
| time offset | TIME OFFSET | Time offset. |
| parent | TARGET PARENT | The parent the target inherits from |
| port | TARGET PORT | The target server port |
| alias | TARGET ALIAS | The alias for the target |
| host | TARGET HOST | The target server to report results to. |
| payload length | PAYLOAD LENGTH | Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work. |
| is template | IS TEMPLATE | Declare this object as a template (this means it will not be available as a separate object) |
Sample:
# TARGET DEFENITION # Target definition for: default [/settings/NSCA/client/targets/default] # TIME OFFSET # Time offset. time offset=0 # TARGET PARENT # The parent the target inherits from parent=default # ENCRYPTION METHOD # Number corresponding to the various encryption algorithms (see the wiki). Has to be the same as the server or it wont work at all. encryption=aes # TARGET PORT # The target server port port=0 # TARGET ALIAS # The alias for the target alias=default # TARGET HOST # The target server to report results to. host= # PAYLOAD LENGTH # Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work. payload length=512 # TIMEOUT # Timeout when reading/writing packets to/from sockets. timeout=30 # TARGET ADDRESS # Target host address address= # PASSWORD # The password to use. Again has to be the same as the server or it wont work at all. password= # IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) is template=0
TIME OFFSET
Description: Time offset.
Advanced: (means it is not commonly used)
Key: time offset
Default value: 0
Used by: NSCAClient
Sample:
# TIME OFFSET # Time offset. [NSCAClient] time offset=0
TARGET PARENT
Description: The parent the target inherits from
Advanced: (means it is not commonly used)
Key: parent
Default value: default
Used by: NSCAClient
Sample:
# TARGET PARENT # The parent the target inherits from [NSCAClient] parent=default
ENCRYPTION METHOD
Description: Number corresponding to the various encryption algorithms (see the wiki). Has to be the same as the server or it wont work at all.
Key: encryption
Default value: aes
Used by: NSCAClient
Sample:
# ENCRYPTION METHOD # Number corresponding to the various encryption algorithms (see the wiki). Has to be the same as the server or it wont work at all. [NSCAClient] encryption=aes
TARGET PORT
Description: The target server port
Advanced: (means it is not commonly used)
Key: port
Default value: 0
Used by: NSCAClient
Sample:
# TARGET PORT # The target server port [NSCAClient] port=0
TARGET ALIAS
Description: The alias for the target
Advanced: (means it is not commonly used)
Key: alias
Default value: default
Used by: NSCAClient
Sample:
# TARGET ALIAS # The alias for the target [NSCAClient] alias=default
TARGET HOST
Description: The target server to report results to.
Advanced: (means it is not commonly used)
Key: host
Used by: NSCAClient
Sample:
# TARGET HOST # The target server to report results to. [NSCAClient] host=
PAYLOAD LENGTH
Description: Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
Advanced: (means it is not commonly used)
Key: payload length
Default value: 512
Used by: NSCAClient
Sample:
# PAYLOAD LENGTH # Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work. [NSCAClient] payload length=512
TIMEOUT
Description: Timeout when reading/writing packets to/from sockets.
Key: timeout
Default value: 30
Used by: NSCAClient
Sample:
# TIMEOUT # Timeout when reading/writing packets to/from sockets. [NSCAClient] timeout=30
TARGET ADDRESS
Description: Target host address
Key: address
Used by: NSCAClient
Sample:
# TARGET ADDRESS # Target host address [NSCAClient] address=
PASSWORD
Description: The password to use. Again has to be the same as the server or it wont work at all.
Key: password
Used by: NSCAClient
Sample:
# PASSWORD # The password to use. Again has to be the same as the server or it wont work at all. [NSCAClient] password=
IS TEMPLATE
Description: Declare this object as a template (this means it will not be available as a separate object)
Advanced: (means it is not commonly used)
Key: is template
Default value: 0
Used by: NSCAClient
Sample:
# IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) [NSCAClient] is template=0
CRASH SECTION
Configure crash handling properties.
Section: /settings/crash
Keys:
| Key | Title | Description |
| submit url | SUBMISSION URL | The url to submit crash reports to |
| submit | SUBMIT CRASHREPORTS | Submit crash reports to nsclient.org (or your configured submission server) |
| restart target | RESTART SERVICE NAME | The url to submit crash reports to |
| archive folder | folder | The archive folder for crash dunpes. |
| archive | ARCHIVE CRASHREPORTS | Archive crash reports in the archive folder |
| restart | RESTART | Submit crash reports to nsclient.org (or your configured submission server) |
Sample:
# CRASH SECTION
# Configure crash handling properties.
[/settings/crash]
# SUBMISSION URL
# The url to submit crash reports to
submit url=http://crash.nsclient.org/submit
# SUBMIT CRASHREPORTS
# Submit crash reports to nsclient.org (or your configured submission server)
submit=0
# RESTART SERVICE NAME
# The url to submit crash reports to
restart target=NSClientpp
# folder
# The archive folder for crash dunpes.
archive folder=${shared-path}/crash-dumps
# ARCHIVE CRASHREPORTS
# Archive crash reports in the archive folder
archive=1
# RESTART
# Submit crash reports to nsclient.org (or your configured submission server)
restart=1
SUBMISSION URL
Description: The url to submit crash reports to
Key: submit url
Default value: http://crash.nsclient.org/submit
Used by: CheckNSCP, [[]]
Sample:
# SUBMISSION URL # The url to submit crash reports to [] submit url=http://crash.nsclient.org/submit
SUBMIT CRASHREPORTS
Description: Submit crash reports to nsclient.org (or your configured submission server)
Key: submit
Default value: 0
Used by: CheckNSCP, [[]]
Sample:
# SUBMIT CRASHREPORTS # Submit crash reports to nsclient.org (or your configured submission server) [] submit=0
RESTART SERVICE NAME
Description: The url to submit crash reports to
Key: restart target
Default value: NSClientpp
Used by: CheckNSCP, [[]]
Sample:
# RESTART SERVICE NAME # The url to submit crash reports to [] restart target=NSClientpp
folder
Description: The archive folder for crash dunpes.
Key: archive folder
Default value: ${shared-path}/crash-dumps
Used by: CheckNSCP, [[]]
Sample:
# folder
# The archive folder for crash dunpes.
[]
archive folder=${shared-path}/crash-dumps
ARCHIVE CRASHREPORTS
Description: Archive crash reports in the archive folder
Key: archive
Default value: 1
Used by: CheckNSCP, [[]]
Sample:
# ARCHIVE CRASHREPORTS # Archive crash reports in the archive folder [] archive=1
RESTART
Description: Submit crash reports to nsclient.org (or your configured submission server)
Key: restart
Default value: 1
Used by: CheckNSCP, [[]]
Sample:
# RESTART # Submit crash reports to nsclient.org (or your configured submission server) [] restart=1
SERVICE MAPPING SECTION
Confiure which services has to be in which state
Section: /settings/check/system/windows/service mapping
Advanced Keys:
| Key | Title | Description |
| DELAYED | SERVICE_DELAYED | TODO |
| DISABLED | SERVICE_DISABLED | TODO |
| DEMAND_START | SERVICE_DEMAND_START | TODO |
| AUTO_START | SERVICE_AUTO_START | TODO |
| SYSTEM_START | SERVICE_SYSTEM_START | TODO |
| BOOT_START | SERVICE_BOOT_START | TODO |
Sample:
# SERVICE MAPPING SECTION # Confiure which services has to be in which state [/settings/check/system/windows/service mapping] # SERVICE_DELAYED # TODO DELAYED=ignored # SERVICE_DISABLED # TODO DISABLED=stopped # SERVICE_DEMAND_START # TODO DEMAND_START=ignored # SERVICE_AUTO_START # TODO AUTO_START=started # SERVICE_SYSTEM_START # TODO SYSTEM_START=ignored # SERVICE_BOOT_START # TODO BOOT_START=ignored
SERVICE_DELAYED
Description: TODO
Advanced: (means it is not commonly used)
Key: DELAYED
Default value: ignored
Used by: CheckSystem
Sample:
# SERVICE_DELAYED # TODO [CheckSystem] DELAYED=ignored
SERVICE_DISABLED
Description: TODO
Advanced: (means it is not commonly used)
Key: DISABLED
Default value: stopped
Used by: CheckSystem
Sample:
# SERVICE_DISABLED # TODO [CheckSystem] DISABLED=stopped
SERVICE_DEMAND_START
Description: TODO
Advanced: (means it is not commonly used)
Key: DEMAND_START
Default value: ignored
Used by: CheckSystem
Sample:
# SERVICE_DEMAND_START # TODO [CheckSystem] DEMAND_START=ignored
SERVICE_AUTO_START
Description: TODO
Advanced: (means it is not commonly used)
Key: AUTO_START
Default value: started
Used by: CheckSystem
Sample:
# SERVICE_AUTO_START # TODO [CheckSystem] AUTO_START=started
SERVICE_SYSTEM_START
Description: TODO
Advanced: (means it is not commonly used)
Key: SYSTEM_START
Default value: ignored
Used by: CheckSystem
Sample:
# SERVICE_SYSTEM_START # TODO [CheckSystem] SYSTEM_START=ignored
SERVICE_BOOT_START
Description: TODO
Advanced: (means it is not commonly used)
Key: BOOT_START
Default value: ignored
Used by: CheckSystem
Sample:
# SERVICE_BOOT_START # TODO [CheckSystem] BOOT_START=ignored
SMTP CLIENT SECTION
Section for SMTP passive check module.
Section: /settings/SMTP/client
Keys:
| Key | Title | Description |
| channel | CHANNEL | The channel to listen to. |
Sample:
# SMTP CLIENT SECTION # Section for SMTP passive check module. [/settings/SMTP/client] # CHANNEL # The channel to listen to. channel=SMTP
CHANNEL
Description: The channel to listen to.
Key: channel
Default value: SMTP
Used by: SMTPClient
Sample:
# CHANNEL # The channel to listen to. [SMTPClient] channel=SMTP
TARGET DEFENITION
Target definition for: default
Section: /settings/SMTP/client/targets/default
Keys:
| Key | Title | Description |
| sender | SENDER | Sender of email message |
| timeout | TIMEOUT | Timeout when reading/writing packets to/from sockets. |
| template | TEMPLATE | Template for message data |
| address | TARGET ADDRESS | Target host address |
| recipient | RECIPIENT | Recipient of email message |
Advanced Keys:
| Key | Title | Description |
| parent | TARGET PARENT | The parent the target inherits from |
| is template | IS TEMPLATE | Declare this object as a template (this means it will not be available as a separate object) |
| alias | TARGET ALIAS | The alias for the target |
| host | TARGET HOST | The target server to report results to. |
| port | TARGET PORT | The target server port |
Sample:
# TARGET DEFENITION # Target definition for: default [/settings/SMTP/client/targets/default] # SENDER # Sender of email message sender=nscp@localhost # TARGET PARENT # The parent the target inherits from parent=default # TIMEOUT # Timeout when reading/writing packets to/from sockets. timeout=30 # IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) is template=0 # TARGET ALIAS # The alias for the target alias=default # TARGET HOST # The target server to report results to. host= # TEMPLATE # Template for message data template=Hello, this is %source% reporting %message%! # TARGET ADDRESS # Target host address address= # RECIPIENT # Recipient of email message recipient=nscp@localhost # TARGET PORT # The target server port port=0
SENDER
Description: Sender of email message
Key: sender
Default value: nscp@localhost
Used by: SMTPClient
Sample:
# SENDER # Sender of email message [SMTPClient] sender=nscp@localhost
TARGET PARENT
Description: The parent the target inherits from
Advanced: (means it is not commonly used)
Key: parent
Default value: default
Used by: SMTPClient
Sample:
# TARGET PARENT # The parent the target inherits from [SMTPClient] parent=default
TIMEOUT
Description: Timeout when reading/writing packets to/from sockets.
Key: timeout
Default value: 30
Used by: SMTPClient
Sample:
# TIMEOUT # Timeout when reading/writing packets to/from sockets. [SMTPClient] timeout=30
IS TEMPLATE
Description: Declare this object as a template (this means it will not be available as a separate object)
Advanced: (means it is not commonly used)
Key: is template
Default value: 0
Used by: SMTPClient
Sample:
# IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) [SMTPClient] is template=0
TARGET ALIAS
Description: The alias for the target
Advanced: (means it is not commonly used)
Key: alias
Default value: default
Used by: SMTPClient
Sample:
# TARGET ALIAS # The alias for the target [SMTPClient] alias=default
TARGET HOST
Description: The target server to report results to.
Advanced: (means it is not commonly used)
Key: host
Used by: SMTPClient
Sample:
# TARGET HOST # The target server to report results to. [SMTPClient] host=
TEMPLATE
Description: Template for message data
Key: template
Default value: Hello, this is %source% reporting %message%!
Used by: SMTPClient
Sample:
# TEMPLATE # Template for message data [SMTPClient] template=Hello, this is %source% reporting %message%!
TARGET ADDRESS
Description: Target host address
Key: address
Used by: SMTPClient
Sample:
# TARGET ADDRESS # Target host address [SMTPClient] address=
RECIPIENT
Description: Recipient of email message
Key: recipient
Default value: nscp@localhost
Used by: SMTPClient
Sample:
# RECIPIENT # Recipient of email message [SMTPClient] recipient=nscp@localhost
TARGET PORT
Description: The target server port
Advanced: (means it is not commonly used)
Key: port
Default value: 0
Used by: SMTPClient
Sample:
# TARGET PORT # The target server port [SMTPClient] port=0
TARGET LIST SECTION
A list of available remote target systems
Section: /settings/targets
Sample:
# TARGET LIST SECTION # A list of available remote target systems [/settings/targets]
LUA SCRIPT SECTION
Section for the PythonScripts? module.
Section: /settings/python
Sample:
# LUA SCRIPT SECTION # Section for the PythonScripts module. [/settings/python]
NSCP SERVER SECTION
Section for NSCP (NSCPListener.dll) (check_nscp) protocol options.
Section: /settings/nscp/server
Keys:
| Key | Title | Description |
| allow arguments | COMMAND ARGUMENT PROCESSING | This option determines whether or not we will allow clients to specify arguments to commands that are executed. |
| port | PORT NUMBER | Port to use for NSCP. |
Advanced Keys:
| Key | Title | Description |
| cache allowed hosts | CACHE ALLOWED HOSTS | If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate key | SSL CERTIFICATE | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate format | CERTIFICATE FORMAT | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate | SSL CERTIFICATE | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| verify mode | VERIFY MODE | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| ca | CA | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| bind to | BIND TO ADDRESS | Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| allowed hosts | ALLOWED HOSTS | A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| thread pool | THREAD POOL | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| allowed ciphers | ALLOWED CIPHERS | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| timeout | TIMEOUT | Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| socket queue size | LISTEN QUEUE | Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| use ssl | ENABLE SSL ENCRYPTION | This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
Sample:
# NSCP SERVER SECTION
# Section for NSCP (NSCPListener.dll) (check_nscp) protocol options.
[/settings/nscp/server]
# CACHE ALLOWED HOSTS
# If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
cache allowed hosts=1
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
certificate key=${certificate-path}/certificate_key.pem
# CERTIFICATE FORMAT
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
certificate format=PEM
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
certificate=${certificate-path}/certificate.pem
# VERIFY MODE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
verify mode=none
# CA
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
ca=${certificate-path}/ca.pem
# BIND TO ADDRESS
# Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
bind to=
# ALLOWED HOSTS
# A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
allowed hosts=127.0.0.1
# THREAD POOL
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
thread pool=10
# ALLOWED CIPHERS
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not we will allow clients to specify arguments to commands that are executed.
allow arguments=0
# TIMEOUT
# Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
timeout=30
# LISTEN QUEUE
# Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
socket queue size=0
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
use ssl=0
# PORT NUMBER
# Port to use for NSCP.
port=5668
CACHE ALLOWED HOSTS
Description: If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: cache allowed hosts
Default value: 1
Used by: NSCPServer
Sample:
# CACHE ALLOWED HOSTS # If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] cache allowed hosts=1
SSL CERTIFICATE
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: certificate key
Default value: ${certificate-path}/certificate_key.pem
Used by: NSCPServer
Sample:
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
[NSCPServer]
certificate key=${certificate-path}/certificate_key.pem
CERTIFICATE FORMAT
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: certificate format
Default value: PEM
Used by: NSCPServer
Sample:
# CERTIFICATE FORMAT # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] certificate format=PEM
SSL CERTIFICATE
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: certificate
Default value: ${certificate-path}/certificate.pem
Used by: NSCPServer
Sample:
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
[NSCPServer]
certificate=${certificate-path}/certificate.pem
VERIFY MODE
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: verify mode
Default value: none
Used by: NSCPServer
Sample:
# VERIFY MODE # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] verify mode=none
CA
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: ca
Default value: ${certificate-path}/ca.pem
Used by: NSCPServer
Sample:
# CA
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
[NSCPServer]
ca=${certificate-path}/ca.pem
BIND TO ADDRESS
Description: Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: bind to
Used by: NSCPServer
Sample:
# BIND TO ADDRESS # Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] bind to=
ALLOWED HOSTS
Description: A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: allowed hosts
Default value: 127.0.0.1
Used by: NSCPServer
Sample:
# ALLOWED HOSTS # A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] allowed hosts=127.0.0.1
THREAD POOL
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: thread pool
Default value: 10
Used by: NSCPServer
Sample:
# THREAD POOL # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] thread pool=10
ALLOWED CIPHERS
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: allowed ciphers
Default value: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
Used by: NSCPServer
Sample:
# ALLOWED CIPHERS # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] allowed ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
COMMAND ARGUMENT PROCESSING
Description: This option determines whether or not we will allow clients to specify arguments to commands that are executed.
Key: allow arguments
Default value: 0
Used by: NSCPServer
Sample:
# COMMAND ARGUMENT PROCESSING # This option determines whether or not we will allow clients to specify arguments to commands that are executed. [NSCPServer] allow arguments=0
TIMEOUT
Description: Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: timeout
Default value: 30
Used by: NSCPServer
Sample:
# TIMEOUT # Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] timeout=30
LISTEN QUEUE
Description: Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: socket queue size
Default value: 0
Used by: NSCPServer
Sample:
# LISTEN QUEUE # Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] socket queue size=0
ENABLE SSL ENCRYPTION
Description: This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: use ssl
Default value: 0
Used by: NSCPServer
Sample:
# ENABLE SSL ENCRYPTION # This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NSCPServer] use ssl=0
PORT NUMBER
Description: Port to use for NSCP.
Key: port
Default value: 5668
Used by: NSCPServer
Sample:
# PORT NUMBER # Port to use for NSCP. [NSCPServer] port=5668
NRPE SERVER SECTION
Section for NRPE (NRPEServer.dll) (check_nrpe) protocol options.
Section: /settings/NRPE/server
Keys:
| Key | Title | Description |
| allow arguments | COMMAND ARGUMENT PROCESSING | This option determines whether or not we will allow clients to specify arguments to commands that are executed. |
| port | PORT NUMBER | Port to use for NRPE. |
| allow nasty characters | COMMAND ALLOW NASTY META CHARS | This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. |
Advanced Keys:
| Key | Title | Description |
| cache allowed hosts | CACHE ALLOWED HOSTS | If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate key | SSL CERTIFICATE | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate format | CERTIFICATE FORMAT | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| socket queue size | LISTEN QUEUE | Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| certificate | SSL CERTIFICATE | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| verify mode | VERIFY MODE | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| ca | CA | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| bind to | BIND TO ADDRESS | Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| allowed hosts | ALLOWED HOSTS | A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| timeout | TIMEOUT | Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| thread pool | THREAD POOL | parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| allowed ciphers | ALLOWED CIPHERS | A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
| performance data | PERFORMANCE DATA | Send performance data back to nagios (set this to 0 to remove all performance data). |
| payload length | PAYLOAD LENGTH | Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work. |
| use ssl | ENABLE SSL ENCRYPTION | This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. |
Sample:
# NRPE SERVER SECTION
# Section for NRPE (NRPEServer.dll) (check_nrpe) protocol options.
[/settings/NRPE/server]
# CACHE ALLOWED HOSTS
# If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
cache allowed hosts=1
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
certificate key=${certificate-path}/certificate_key.pem
# CERTIFICATE FORMAT
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
certificate format=PEM
# LISTEN QUEUE
# Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
socket queue size=0
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
certificate=${certificate-path}/certificate.pem
# VERIFY MODE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
verify mode=none
# CA
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
ca=${certificate-path}/ca.pem
# BIND TO ADDRESS
# Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
bind to=
# ALLOWED HOSTS
# A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
allowed hosts=127.0.0.1
# TIMEOUT
# Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
timeout=30
# THREAD POOL
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
thread pool=10
# ALLOWED CIPHERS
# A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
allowed ciphers=ADH
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not we will allow clients to specify arguments to commands that are executed.
allow arguments=0
# PERFORMANCE DATA
# Send performance data back to nagios (set this to 0 to remove all performance data).
performance data=1
# PAYLOAD LENGTH
# Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
payload length=1024
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
use ssl=0
# PORT NUMBER
# Port to use for NRPE.
port=5666
# COMMAND ALLOW NASTY META CHARS
# This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters=0
CACHE ALLOWED HOSTS
Description: If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: cache allowed hosts
Default value: 1
Used by: NRPEServer
Sample:
# CACHE ALLOWED HOSTS # If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] cache allowed hosts=1
SSL CERTIFICATE
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: certificate key
Default value: ${certificate-path}/certificate_key.pem
Used by: NRPEServer
Sample:
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
[NRPEServer]
certificate key=${certificate-path}/certificate_key.pem
CERTIFICATE FORMAT
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: certificate format
Default value: PEM
Used by: NRPEServer
Sample:
# CERTIFICATE FORMAT # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] certificate format=PEM
LISTEN QUEUE
Description: Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: socket queue size
Default value: 0
Used by: NRPEServer
Sample:
# LISTEN QUEUE # Number of sockets to queue before starting to refuse new incoming connections. This can be used to tweak the amount of simultaneous sockets that the server accepts. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] socket queue size=0
SSL CERTIFICATE
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: certificate
Default value: ${certificate-path}/certificate.pem
Used by: NRPEServer
Sample:
# SSL CERTIFICATE
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
[NRPEServer]
certificate=${certificate-path}/certificate.pem
VERIFY MODE
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: verify mode
Default value: none
Used by: NRPEServer
Sample:
# VERIFY MODE # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] verify mode=none
CA
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: ca
Default value: ${certificate-path}/ca.pem
Used by: NRPEServer
Sample:
# CA
# parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
[NRPEServer]
ca=${certificate-path}/ca.pem
BIND TO ADDRESS
Description: Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: bind to
Used by: NRPEServer
Sample:
# BIND TO ADDRESS # Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] bind to=
ALLOWED HOSTS
Description: A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: allowed hosts
Default value: 127.0.0.1
Used by: NRPEServer
Sample:
# ALLOWED HOSTS # A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] allowed hosts=127.0.0.1
TIMEOUT
Description: Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: timeout
Default value: 30
Used by: NRPEServer
Sample:
# TIMEOUT # Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] timeout=30
THREAD POOL
Description: parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: thread pool
Default value: 10
Used by: NRPEServer
Sample:
# THREAD POOL # parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] thread pool=10
ALLOWED CIPHERS
Description: A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: allowed ciphers
Default value: ADH
Used by: NRPEServer
Sample:
# ALLOWED CIPHERS # A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] allowed ciphers=ADH
COMMAND ARGUMENT PROCESSING
Description: This option determines whether or not we will allow clients to specify arguments to commands that are executed.
Key: allow arguments
Default value: 0
Used by: NRPEServer
Sample:
# COMMAND ARGUMENT PROCESSING # This option determines whether or not we will allow clients to specify arguments to commands that are executed. [NRPEServer] allow arguments=0
PERFORMANCE DATA
Description: Send performance data back to nagios (set this to 0 to remove all performance data).
Advanced: (means it is not commonly used)
Key: performance data
Default value: 1
Used by: NRPEServer
Sample:
# PERFORMANCE DATA # Send performance data back to nagios (set this to 0 to remove all performance data). [NRPEServer] performance data=1
PAYLOAD LENGTH
Description: Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
Advanced: (means it is not commonly used)
Key: payload length
Default value: 1024
Used by: NRPEServer
Sample:
# PAYLOAD LENGTH # Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work. [NRPEServer] payload length=1024
ENABLE SSL ENCRYPTION
Description: This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent.
Advanced: (means it is not commonly used)
Key: use ssl
Default value: 0
Used by: NRPEServer
Sample:
# ENABLE SSL ENCRYPTION # This option controls if SSL should be enabled. parent for this key is found under: /settings/default this is marked as advanced in favour of the parent. [NRPEServer] use ssl=0
PORT NUMBER
Description: Port to use for NRPE.
Key: port
Default value: 5666
Used by: NRPEServer
Sample:
# PORT NUMBER # Port to use for NRPE. [NRPEServer] port=5666
COMMAND ALLOW NASTY META CHARS
Description: This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
Key: allow nasty characters
Default value: 0
Used by: NRPEServer
Sample:
# COMMAND ALLOW NASTY META CHARS
# This option determines whether or not we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
[NRPEServer]
allow nasty characters=0
CONFIGURE REALTIME CHECKING
A set of options to configure the real time checks
Section: /settings/eventlog/real-time
Keys:
| Key | Title | Description |
| log | LOGS TO CHECK | Coma separated list of logs to check |
| enabled | REAL TIME CHECKING | Spawns a backgrounnd thread which detects issues and reports them back instantly. |
| maximum age | MAGIMUM AGE | How long before reporting "ok" (if this is set to off no ok will be reported only errors) |
| startup age | STARTUP AGE | The initial age to scan when starting NSClient++ |
| enable active | ENABLE ACTIVE MONITORING | This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache?). |
| debug | DEBUG | Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. |
Sample:
# CONFIGURE REALTIME CHECKING # A set of options to configure the real time checks [/settings/eventlog/real-time] # LOGS TO CHECK # Coma separated list of logs to check log=application # REAL TIME CHECKING # Spawns a backgrounnd thread which detects issues and reports them back instantly. enabled=0 # MAGIMUM AGE # How long before reporting "ok" (if this is set to off no ok will be reported only errors) maximum age=5m # STARTUP AGE # The initial age to scan when starting NSClient++ startup age=30m # ENABLE ACTIVE MONITORING # This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache). enable active=0 # DEBUG # Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. debug=0
LOGS TO CHECK
Description: Coma separated list of logs to check
Key: log
Default value: application
Used by: CheckEventLog
Sample:
# LOGS TO CHECK # Coma separated list of logs to check [CheckEventLog] log=application
REAL TIME CHECKING
Description: Spawns a backgrounnd thread which detects issues and reports them back instantly.
Key: enabled
Default value: 0
Used by: CheckEventLog
Sample:
# REAL TIME CHECKING # Spawns a backgrounnd thread which detects issues and reports them back instantly. [CheckEventLog] enabled=0
MAGIMUM AGE
Description: How long before reporting "ok" (if this is set to off no ok will be reported only errors)
Key: maximum age
Default value: 5m
Used by: CheckEventLog
Sample:
# MAGIMUM AGE # How long before reporting "ok" (if this is set to off no ok will be reported only errors) [CheckEventLog] maximum age=5m
STARTUP AGE
Description: The initial age to scan when starting NSClient++
Key: startup age
Default value: 30m
Used by: CheckEventLog
Sample:
# STARTUP AGE # The initial age to scan when starting NSClient++ [CheckEventLog] startup age=30m
ENABLE ACTIVE MONITORING
Description: This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache?).
Key: enable active
Default value: 0
Used by: CheckEventLog
Sample:
# ENABLE ACTIVE MONITORING # This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache). [CheckEventLog] enable active=0
DEBUG
Description: Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
Key: debug
Default value: 0
Used by: CheckEventLog
Sample:
# DEBUG # Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. [CheckEventLog] debug=0
WINDOWS CHECK SYSTEM
Section for system checks and system settings
Section: /settings/check/system/windows
Keys:
| Key | Title | Description |
| default | DEFAULT COUNTERS | Load the default counters: cpu, memory commit bytes, memory commit limit and uptime If not you need to specify these manually. |
| default buffer length | DEFAULT LENGTH | Used to define the default intervall for range buffer checks (ie. CPU). |
Advanced Keys:
| Key | Title | Description |
| subsystem | PDH SUBSYSTEM | Set which pdh subsystem to use. |
| default intervall | DEFAULT INTERVALL | Used to define the default intervall for range buffer checks (ie. CPU). |
Sample:
# WINDOWS CHECK SYSTEM # Section for system checks and system settings [/settings/check/system/windows] # DEFAULT COUNTERS # Load the default counters: cpu, memory commit bytes, memory commit limit and uptime If not you need to specify these manually. default=1 # DEFAULT LENGTH # Used to define the default intervall for range buffer checks (ie. CPU). default buffer length=1h # PDH SUBSYSTEM # Set which pdh subsystem to use. subsystem=default # DEFAULT INTERVALL # Used to define the default intervall for range buffer checks (ie. CPU). default intervall=1
DEFAULT COUNTERS
Description: Load the default counters: cpu, memory commit bytes, memory commit limit and uptime If not you need to specify these manually.
Key: default
Default value: 1
Used by: CheckSystem
Sample:
# DEFAULT COUNTERS # Load the default counters: cpu, memory commit bytes, memory commit limit and uptime If not you need to specify these manually. [CheckSystem] default=1
DEFAULT LENGTH
Description: Used to define the default intervall for range buffer checks (ie. CPU).
Key: default buffer length
Default value: 1h
Used by: CheckSystem
Sample:
# DEFAULT LENGTH # Used to define the default intervall for range buffer checks (ie. CPU). [CheckSystem] default buffer length=1h
PDH SUBSYSTEM
Description: Set which pdh subsystem to use.
Advanced: (means it is not commonly used)
Key: subsystem
Default value: default
Used by: CheckSystem
Sample:
# PDH SUBSYSTEM # Set which pdh subsystem to use. [CheckSystem] subsystem=default
DEFAULT INTERVALL
Description: Used to define the default intervall for range buffer checks (ie. CPU).
Advanced: (means it is not commonly used)
Key: default intervall
Default value: 1
Used by: CheckSystem
Sample:
# DEFAULT INTERVALL # Used to define the default intervall for range buffer checks (ie. CPU). [CheckSystem] default intervall=1
EXTERNAL SCRIPT WRAPPED SCRIPTS SECTION
A list of wrappped scripts (ie. using the template mechanism)
Section: /settings/external scripts/wrapped scripts
Sample:
# EXTERNAL SCRIPT WRAPPED SCRIPTS SECTION # A list of wrappped scripts (ie. using the template mechanism) [/settings/external scripts/wrapped scripts]
NRPE CLIENT SECTION
Section for NRPE active/passive check module.
Section: /settings/NRPE/client
Keys:
| Key | Title | Description |
| channel | CHANNEL | The channel to listen to. |
Sample:
# NRPE CLIENT SECTION # Section for NRPE active/passive check module. [/settings/NRPE/client] # CHANNEL # The channel to listen to. channel=NRPE
CHANNEL
Description: The channel to listen to.
Key: channel
Default value: NRPE
Used by: NRPEClient
Sample:
# CHANNEL # The channel to listen to. [NRPEClient] channel=NRPE
TARGET DEFENITION
Target definition for: default
Section: /settings/NRPE/client/targets/default
Keys:
| Key | Title | Description |
| certificate | SSL CERTIFICATE | |
| payload length | PAYLOAD LENGTH | Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work. |
| timeout | TIMEOUT | Timeout when reading/writing packets to/from sockets. |
| address | TARGET ADDRESS | Target host address |
| use ssl | ENABLE SSL ENCRYPTION | This option controls if SSL should be enabled. |
Advanced Keys:
| Key | Title | Description |
| parent | TARGET PARENT | The parent the target inherits from |
| port | TARGET PORT | The target server port |
| alias | TARGET ALIAS | The alias for the target |
| host | TARGET HOST | The target server to report results to. |
| is template | IS TEMPLATE | Declare this object as a template (this means it will not be available as a separate object) |
Sample:
# TARGET DEFENITION
# Target definition for: default
[/settings/NRPE/client/targets/default]
# SSL CERTIFICATE
#
certificate=${certificate-path}/nrpe_dh_512.pem
# TARGET PARENT
# The parent the target inherits from
parent=default
# TARGET PORT
# The target server port
port=0
# TARGET ALIAS
# The alias for the target
alias=default
# TARGET HOST
# The target server to report results to.
host=
# PAYLOAD LENGTH
# Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
payload length=1024
# TIMEOUT
# Timeout when reading/writing packets to/from sockets.
timeout=30
# TARGET ADDRESS
# Target host address
address=
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
use ssl=1
# IS TEMPLATE
# Declare this object as a template (this means it will not be available as a separate object)
is template=0
SSL CERTIFICATE
Description:
Key: certificate
Default value: ${certificate-path}/nrpe_dh_512.pem
Used by: NRPEClient
Sample:
# SSL CERTIFICATE
#
[NRPEClient]
certificate=${certificate-path}/nrpe_dh_512.pem
TARGET PARENT
Description: The parent the target inherits from
Advanced: (means it is not commonly used)
Key: parent
Default value: default
Used by: NRPEClient
Sample:
# TARGET PARENT # The parent the target inherits from [NRPEClient] parent=default
TARGET PORT
Description: The target server port
Advanced: (means it is not commonly used)
Key: port
Default value: 0
Used by: NRPEClient
Sample:
# TARGET PORT # The target server port [NRPEClient] port=0
TARGET ALIAS
Description: The alias for the target
Advanced: (means it is not commonly used)
Key: alias
Default value: default
Used by: NRPEClient
Sample:
# TARGET ALIAS # The alias for the target [NRPEClient] alias=default
TARGET HOST
Description: The target server to report results to.
Advanced: (means it is not commonly used)
Key: host
Used by: NRPEClient
Sample:
# TARGET HOST # The target server to report results to. [NRPEClient] host=
PAYLOAD LENGTH
Description: Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
Key: payload length
Default value: 1024
Used by: NRPEClient
Sample:
# PAYLOAD LENGTH # Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work. [NRPEClient] payload length=1024
TIMEOUT
Description: Timeout when reading/writing packets to/from sockets.
Key: timeout
Default value: 30
Used by: NRPEClient
Sample:
# TIMEOUT # Timeout when reading/writing packets to/from sockets. [NRPEClient] timeout=30
TARGET ADDRESS
Description: Target host address
Key: address
Used by: NRPEClient
Sample:
# TARGET ADDRESS # Target host address [NRPEClient] address=
ENABLE SSL ENCRYPTION
Description: This option controls if SSL should be enabled.
Key: use ssl
Default value: 1
Used by: NRPEClient
Sample:
# ENABLE SSL ENCRYPTION # This option controls if SSL should be enabled. [NRPEClient] use ssl=1
IS TEMPLATE
Description: Declare this object as a template (this means it will not be available as a separate object)
Advanced: (means it is not commonly used)
Key: is template
Default value: 0
Used by: NRPEClient
Sample:
# IS TEMPLATE # Declare this object as a template (this means it will not be available as a separate object) [NRPEClient] is template=0
REALTIME FILTERS
A set of filters to use in real-time mode
Section: /settings/eventlog/real-time/filters
Sample:
# REALTIME FILTERS # A set of filters to use in real-time mode [/settings/eventlog/real-time/filters]
LOG SETTINGS
Section for configuring the log handling.
Section: /settings/log
Keys:
| Key | Title | Description |
| file name | FILENAME | The file to write log data to. Set this to none to disable log to file. |
| date format | DATEMASK | The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. |
| level | LOG LEVEL | Log level to use. available levels are error,warning,info,debug,trace |
Sample:
# LOG SETTINGS
# Section for configuring the log handling.
[/settings/log]
# FILENAME
# The file to write log data to. Set this to none to disable log to file.
file name=${exe-path}/nsclient.log
# DATEMASK
# The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format=%Y-%m-%d %H:%M:%S
# LOG LEVEL
# Log level to use. available levels are error,warning,info,debug,trace
level=info
FILENAME
Description: The file to write log data to. Set this to none to disable log to file.
Key: file name
Default value: ${exe-path}/nsclient.log
Used by: [[]]
Sample:
# FILENAME
# The file to write log data to. Set this to none to disable log to file.
[]
file name=${exe-path}/nsclient.log
DATEMASK
Description: The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
Key: date format
Default value: %Y-%m-%d %H:%M:%S
Used by: [[]]
Sample:
# DATEMASK # The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. [] date format=%Y-%m-%d %H:%M:%S
LOG LEVEL
Description: Log level to use. available levels are error,warning,info,debug,trace
Key: level
Default value: info
Used by: [[]]
Sample:
# LOG LEVEL # Log level to use. available levels are error,warning,info,debug,trace [] level=info
CLIENT HANDLER SECTION
Section: /settings/syslog/client/handlers
Sample:
# CLIENT HANDLER SECTION # [/settings/syslog/client/handlers]
EXTERNAL SCRIPT ALIAS SECTION
A list of aliases available. An alias is an internal command that has been "wrapped" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop)
Section: /settings/external scripts/alias
Keys:
| Key | Title | Description |
| alias_file_size | alias_file_size | Alias for alias_file_size. To configure this item add a section called: /settings/external scripts/alias/alias_file_size |
| alias_sched_all | alias_sched_all | Alias for alias_sched_all. To configure this item add a section called: /settings/external scripts/alias/alias_sched_all |
| alias_process_hung | alias_process_hung | Alias for alias_process_hung. To configure this item add a section called: /settings/external scripts/alias/alias_process_hung |
| alias_service_ex | alias_service_ex | Alias for alias_service_ex. To configure this item add a section called: /settings/external scripts/alias/alias_service_ex |
| alias_cpu_ex | alias_cpu_ex | Alias for alias_cpu_ex. To configure this item add a section called: /settings/external scripts/alias/alias_cpu_ex |
| alias_sched_task | alias_sched_task | Alias for alias_sched_task. To configure this item add a section called: /settings/external scripts/alias/alias_sched_task |
| alias_service | alias_service | Alias for alias_service. To configure this item add a section called: /settings/external scripts/alias/alias_service |
| alias_event_log | alias_event_log | Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log |
| alias_volumes_loose | alias_volumes_loose | Alias for alias_volumes_loose. To configure this item add a section called: /settings/external scripts/alias/alias_volumes_loose |
| alias_file_age | alias_file_age | Alias for alias_file_age. To configure this item add a section called: /settings/external scripts/alias/alias_file_age |
| alias_process_stopped | alias_process_stopped | Alias for alias_process_stopped. To configure this item add a section called: /settings/external scripts/alias/alias_process_stopped |
| alias_disk | alias_disk | Alias for alias_disk. To configure this item add a section called: /settings/external scripts/alias/alias_disk |
| alias_up | alias_up | Alias for alias_up. To configure this item add a section called: /settings/external scripts/alias/alias_up |
| alias_process_count | alias_process_count | Alias for alias_process_count. To configure this item add a section called: /settings/external scripts/alias/alias_process_count |
| alias_mem | alias_mem | Alias for alias_mem. To configure this item add a section called: /settings/external scripts/alias/alias_mem |
| alias_disk_loose | alias_disk_loose | Alias for alias_disk_loose. To configure this item add a section called: /settings/external scripts/alias/alias_disk_loose |
| alias_cpu | alias_cpu | Alias for alias_cpu. To configure this item add a section called: /settings/external scripts/alias/alias_cpu |
| check_ok | check_ok | Alias for check_ok. To configure this item add a section called: /settings/external scripts/alias/check_ok |
| default | default | Alias for default. To configure this item add a section called: /settings/external scripts/alias/default |
| alias_volumes | alias_volumes | Alias for alias_volumes. To configure this item add a section called: /settings/external scripts/alias/alias_volumes |
| alias_sched_long | alias_sched_long | Alias for alias_sched_long. To configure this item add a section called: /settings/external scripts/alias/alias_sched_long |
| alias_updates | alias_updates | Alias for alias_updates. To configure this item add a section called: /settings/external scripts/alias/alias_updates |
| alias_process | alias_process | Alias for alias_process. To configure this item add a section called: /settings/external scripts/alias/alias_process |
Sample:
# EXTERNAL SCRIPT ALIAS SECTION # A list of aliases available. An alias is an internal command that has been "wrapped" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop) [/settings/external scripts/alias] # alias_file_size # Alias for alias_file_size. To configure this item add a section called: /settings/external scripts/alias/alias_file_size alias_file_size= # alias_sched_all # Alias for alias_sched_all. To configure this item add a section called: /settings/external scripts/alias/alias_sched_all alias_sched_all= # alias_process_hung # Alias for alias_process_hung. To configure this item add a section called: /settings/external scripts/alias/alias_process_hung alias_process_hung= # alias_service_ex # Alias for alias_service_ex. To configure this item add a section called: /settings/external scripts/alias/alias_service_ex alias_service_ex= # alias_cpu_ex # Alias for alias_cpu_ex. To configure this item add a section called: /settings/external scripts/alias/alias_cpu_ex alias_cpu_ex= # alias_sched_task # Alias for alias_sched_task. To configure this item add a section called: /settings/external scripts/alias/alias_sched_task alias_sched_task= # alias_service # Alias for alias_service. To configure this item add a section called: /settings/external scripts/alias/alias_service alias_service= # alias_event_log # Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log alias_event_log= # alias_volumes_loose # Alias for alias_volumes_loose. To configure this item add a section called: /settings/external scripts/alias/alias_volumes_loose alias_volumes_loose= # alias_file_age # Alias for alias_file_age. To configure this item add a section called: /settings/external scripts/alias/alias_file_age alias_file_age= # alias_process_stopped # Alias for alias_process_stopped. To configure this item add a section called: /settings/external scripts/alias/alias_process_stopped alias_process_stopped= # alias_disk # Alias for alias_disk. To configure this item add a section called: /settings/external scripts/alias/alias_disk alias_disk= # alias_up # Alias for alias_up. To configure this item add a section called: /settings/external scripts/alias/alias_up alias_up= # alias_process_count # Alias for alias_process_count. To configure this item add a section called: /settings/external scripts/alias/alias_process_count alias_process_count= # alias_mem # Alias for alias_mem. To configure this item add a section called: /settings/external scripts/alias/alias_mem alias_mem= # alias_disk_loose # Alias for alias_disk_loose. To configure this item add a section called: /settings/external scripts/alias/alias_disk_loose alias_disk_loose= # alias_cpu # Alias for alias_cpu. To configure this item add a section called: /settings/external scripts/alias/alias_cpu alias_cpu= # check_ok # Alias for check_ok. To configure this item add a section called: /settings/external scripts/alias/check_ok check_ok= # default # Alias for default. To configure this item add a section called: /settings/external scripts/alias/default default= # alias_volumes # Alias for alias_volumes. To configure this item add a section called: /settings/external scripts/alias/alias_volumes alias_volumes= # alias_sched_long # Alias for alias_sched_long. To configure this item add a section called: /settings/external scripts/alias/alias_sched_long alias_sched_long= # alias_updates # Alias for alias_updates. To configure this item add a section called: /settings/external scripts/alias/alias_updates alias_updates= # alias_process # Alias for alias_process. To configure this item add a section called: /settings/external scripts/alias/alias_process alias_process=
alias_file_size
Description: Alias for alias_file_size. To configure this item add a section called: /settings/external scripts/alias/alias_file_size
Key: alias_file_size
Used by: CheckExternalScripts
Sample:
# alias_file_size # Alias for alias_file_size. To configure this item add a section called: /settings/external scripts/alias/alias_file_size [CheckExternalScripts] alias_file_size=
alias_sched_all
Description: Alias for alias_sched_all. To configure this item add a section called: /settings/external scripts/alias/alias_sched_all
Key: alias_sched_all
Used by: CheckExternalScripts
Sample:
# alias_sched_all # Alias for alias_sched_all. To configure this item add a section called: /settings/external scripts/alias/alias_sched_all [CheckExternalScripts] alias_sched_all=
alias_process_hung
Description: Alias for alias_process_hung. To configure this item add a section called: /settings/external scripts/alias/alias_process_hung
Key: alias_process_hung
Used by: CheckExternalScripts
Sample:
# alias_process_hung # Alias for alias_process_hung. To configure this item add a section called: /settings/external scripts/alias/alias_process_hung [CheckExternalScripts] alias_process_hung=
alias_service_ex
Description: Alias for alias_service_ex. To configure this item add a section called: /settings/external scripts/alias/alias_service_ex
Key: alias_service_ex
Used by: CheckExternalScripts
Sample:
# alias_service_ex # Alias for alias_service_ex. To configure this item add a section called: /settings/external scripts/alias/alias_service_ex [CheckExternalScripts] alias_service_ex=
alias_cpu_ex
Description: Alias for alias_cpu_ex. To configure this item add a section called: /settings/external scripts/alias/alias_cpu_ex
Key: alias_cpu_ex
Used by: CheckExternalScripts
Sample:
# alias_cpu_ex # Alias for alias_cpu_ex. To configure this item add a section called: /settings/external scripts/alias/alias_cpu_ex [CheckExternalScripts] alias_cpu_ex=
alias_sched_task
Description: Alias for alias_sched_task. To configure this item add a section called: /settings/external scripts/alias/alias_sched_task
Key: alias_sched_task
Used by: CheckExternalScripts
Sample:
# alias_sched_task # Alias for alias_sched_task. To configure this item add a section called: /settings/external scripts/alias/alias_sched_task [CheckExternalScripts] alias_sched_task=
alias_service
Description: Alias for alias_service. To configure this item add a section called: /settings/external scripts/alias/alias_service
Key: alias_service
Used by: CheckExternalScripts
Sample:
# alias_service # Alias for alias_service. To configure this item add a section called: /settings/external scripts/alias/alias_service [CheckExternalScripts] alias_service=
alias_event_log
Description: Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log
Key: alias_event_log
Used by: CheckExternalScripts
Sample:
# alias_event_log # Alias for alias_event_log. To configure this item add a section called: /settings/external scripts/alias/alias_event_log [CheckExternalScripts] alias_event_log=
alias_volumes_loose
Description: Alias for alias_volumes_loose. To configure this item add a section called: /settings/external scripts/alias/alias_volumes_loose
Key: alias_volumes_loose
Used by: CheckExternalScripts
Sample:
# alias_volumes_loose # Alias for alias_volumes_loose. To configure this item add a section called: /settings/external scripts/alias/alias_volumes_loose [CheckExternalScripts] alias_volumes_loose=
alias_file_age
Description: Alias for alias_file_age. To configure this item add a section called: /settings/external scripts/alias/alias_file_age
Key: alias_file_age
Used by: CheckExternalScripts
Sample:
# alias_file_age # Alias for alias_file_age. To configure this item add a section called: /settings/external scripts/alias/alias_file_age [CheckExternalScripts] alias_file_age=
alias_process_stopped
Description: Alias for alias_process_stopped. To configure this item add a section called: /settings/external scripts/alias/alias_process_stopped
Key: alias_process_stopped
Used by: CheckExternalScripts
Sample:
# alias_process_stopped # Alias for alias_process_stopped. To configure this item add a section called: /settings/external scripts/alias/alias_process_stopped [CheckExternalScripts] alias_process_stopped=
alias_disk
Description: Alias for alias_disk. To configure this item add a section called: /settings/external scripts/alias/alias_disk
Key: alias_disk
Used by: CheckExternalScripts
Sample:
# alias_disk # Alias for alias_disk. To configure this item add a section called: /settings/external scripts/alias/alias_disk [CheckExternalScripts] alias_disk=
alias_up
Description: Alias for alias_up. To configure this item add a section called: /settings/external scripts/alias/alias_up
Key: alias_up
Used by: CheckExternalScripts
Sample:
# alias_up # Alias for alias_up. To configure this item add a section called: /settings/external scripts/alias/alias_up [CheckExternalScripts] alias_up=
alias_process_count
Description: Alias for alias_process_count. To configure this item add a section called: /settings/external scripts/alias/alias_process_count
Key: alias_process_count
Used by: CheckExternalScripts
Sample:
# alias_process_count # Alias for alias_process_count. To configure this item add a section called: /settings/external scripts/alias/alias_process_count [CheckExternalScripts] alias_process_count=
alias_mem
Description: Alias for alias_mem. To configure this item add a section called: /settings/external scripts/alias/alias_mem
Key: alias_mem
Used by: CheckExternalScripts
Sample:
# alias_mem # Alias for alias_mem. To configure this item add a section called: /settings/external scripts/alias/alias_mem [CheckExternalScripts] alias_mem=
alias_disk_loose
Description: Alias for alias_disk_loose. To configure this item add a section called: /settings/external scripts/alias/alias_disk_loose
Key: alias_disk_loose
Used by: CheckExternalScripts
Sample:
# alias_disk_loose # Alias for alias_disk_loose. To configure this item add a section called: /settings/external scripts/alias/alias_disk_loose [CheckExternalScripts] alias_disk_loose=
alias_cpu
Description: Alias for alias_cpu. To configure this item add a section called: /settings/external scripts/alias/alias_cpu
Key: alias_cpu
Used by: CheckExternalScripts
Sample:
# alias_cpu # Alias for alias_cpu. To configure this item add a section called: /settings/external scripts/alias/alias_cpu [CheckExternalScripts] alias_cpu=
check_ok
Description: Alias for check_ok. To configure this item add a section called: /settings/external scripts/alias/check_ok
Key: check_ok
Used by: CheckExternalScripts
Sample:
# check_ok # Alias for check_ok. To configure this item add a section called: /settings/external scripts/alias/check_ok [CheckExternalScripts] check_ok=
default
Description: Alias for default. To configure this item add a section called: /settings/external scripts/alias/default
Key: default
Used by: CheckExternalScripts
Sample:
# default # Alias for default. To configure this item add a section called: /settings/external scripts/alias/default [CheckExternalScripts] default=
alias_volumes
Description: Alias for alias_volumes. To configure this item add a section called: /settings/external scripts/alias/alias_volumes
Key: alias_volumes
Used by: CheckExternalScripts
Sample:
# alias_volumes # Alias for alias_volumes. To configure this item add a section called: /settings/external scripts/alias/alias_volumes [CheckExternalScripts] alias_volumes=
alias_sched_long
Description: Alias for alias_sched_long. To configure this item add a section called: /settings/external scripts/alias/alias_sched_long
Key: alias_sched_long
Used by: CheckExternalScripts
Sample:
# alias_sched_long # Alias for alias_sched_long. To configure this item add a section called: /settings/external scripts/alias/alias_sched_long [CheckExternalScripts] alias_sched_long=
alias_updates
Description: Alias for alias_updates. To configure this item add a section called: /settings/external scripts/alias/alias_updates
Key: alias_updates
Used by: CheckExternalScripts
Sample:
# alias_updates # Alias for alias_updates. To configure this item add a section called: /settings/external scripts/alias/alias_updates [CheckExternalScripts] alias_updates=
alias_process
Description: Alias for alias_process. To configure this item add a section called: /settings/external scripts/alias/alias_process
Key: alias_process
Used by: CheckExternalScripts
Sample:
# alias_process # Alias for alias_process. To configure this item add a section called: /settings/external scripts/alias/alias_process [CheckExternalScripts] alias_process=
NSCP CLIENT SECTION
Section for NSCP active/passive check module.
Section: /settings/nscp/client
Keys:
| Key | Title | Description |
| channel | CHANNEL | The channel to listen to. |
Sample:
# NSCP CLIENT SECTION # Section for NSCP active/passive check module. [/settings/nscp/client] # CHANNEL # The channel to listen to. channel=NSCP
CHANNEL
Description: The channel to listen to.
Key: channel
Default value: NSCP
Used by: NSCPClient
Sample:
# CHANNEL # The channel to listen to. [NSCPClient] channel=NSCP
LUA SCRIPT SECTION
Section for the LUAScripts module.
Section: /settings/lua
Sample:
# LUA SCRIPT SECTION # Section for the LUAScripts module. [/settings/lua]
EVENT LOG SECTION
Section for the EventLog? Checker (CheckEventLog.dll).
Section: /settings/eventlog
Keys:
| Key | Title | Description |
| debug | DEBUG | Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. |
| lookup names | LOOKUP NAMES | Lookup the names of eventlog files |
| buffer size | BUFFER_SIZE | The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. |
| syntax | SYNTAX | Set this to use a specific syntax string for all commands (that don't specify one). |
Sample:
# EVENT LOG SECTION # Section for the EventLog Checker (CheckEventLog.dll). [/settings/eventlog] # DEBUG # Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. debug=0 # LOOKUP NAMES # Lookup the names of eventlog files lookup names=1 # BUFFER_SIZE # The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. buffer size=131072 # SYNTAX # Set this to use a specific syntax string for all commands (that don't specify one). syntax=
DEBUG
Description: Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
Key: debug
Default value: 0
Used by: CheckEventLog
Sample:
# DEBUG # Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog. [CheckEventLog] debug=0
LOOKUP NAMES
Description: Lookup the names of eventlog files
Key: lookup names
Default value: 1
Used by: CheckEventLog
Sample:
# LOOKUP NAMES # Lookup the names of eventlog files [CheckEventLog] lookup names=1
BUFFER_SIZE
Description: The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
Key: buffer size
Default value: 131072
Used by: CheckEventLog
Sample:
# BUFFER_SIZE # The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve. [CheckEventLog] buffer size=131072
SYNTAX
Description: Set this to use a specific syntax string for all commands (that don't specify one).
Key: syntax
Used by: CheckEventLog
Sample:
# SYNTAX # Set this to use a specific syntax string for all commands (that don't specify one). [CheckEventLog] syntax=
TracNav
Migration Guide
In general migrating between version is a zero-impact job. I always try to make everything behave in a backwards way. There are new features and new things which pops in here and there but often it is not noticeable at all. There have been the odd breaking change in between version (for instance some performance data shifts) but often it is a changed feature and something which has to be accepted.
0.4.x
This however changes when we come to version 0.4.x as it is brand new internal "core" which means the the entire application had been rewritten and refactored to facilitate a more lightweight and powerful architecture. In general when it comes to 0.4.x it will still be backwards compatible but it is done so for legacy cases ie. when you do not want to take advantage of the new functionality.
0.4.0
As there is a lot of things which are new in 0.4.0 the recommendation is for most people to remain which the existing configuration and existing feature set to and thus not change anything! This so that we can stabilize the configuration migration before everyone starts to migrate. So if you are upgrading to 0.4.0 please don't change anything as of yet unless you are planning to do some manual changes.
If you still want to migrate (for instance if you need or want to use some of the new functionality) please review the migration guide for detail on how to do this.
0.4.2
TODO
TracNav
Migrating to 0.4.0
In general it is not recommended for most people. This is because the automated migration tools could have bugs and thus you end up with a badly migrate solution. The recommended approach is to keep the old config for now unless you want to verify your migration manually.
Migrating to ini
Migrating is very simple all you need to do is:
nscp settings --migrate-to ini
What this will do is:
- Read the "old" configuration (and convert it in-line)
- Write the new configuration (ini)
- Switch your context to the new configuration (modify boot.ini).
Migrating to registry
Migrating is very simple all you need to do is:
nscp settings --migrate-to registry
What this will do is:
- Read the "old" configuration (and convert it in-line)
- Write the new configuration (regitry)
- Switch your context to the new configuration (modify boot.ini).
Reverting to old
If you which to revert your configuration you can easily do:
nscp settings --switch old
What this will do is:
- Switch your context to the old configuration (modify boot.ini).
Verifying your configuration
After migrating (to ini) you can easily verify your configuration by opening nsclient.ini and verify that all key you need are there. Note that some things have shifted around so for instance what was previously NSCAAgent.dll will no be both Scheduler as well as NSCAClient as both modules are required. There might also be some keys which are no longer supported as well as some keys which are not working and/or is not migrated properly. After migrating and verifying the config please report any issues so I can add them.
After verifying the config start the agent and verify that everything works (again some keys might migrate properly but there could be bugs and other issues in the actual program as well.) Again it is important to report all these to me so I can add support for them.
TracNav
Usage
Since we now have more then one version out in addition to an ever growing set of command line switches I have started two pages. One for the 0.3.x version and one for the 0.4.x version.
Documentation
Documentation for versions 0.3.x & 0.4.x starts here
TracNav
Usage 0.4.x
For older version please refer to doc/usage/0.3.x.
Using NSClient++ is pretty straight forward. It is a normal command line program which works similarly to cvs, git and various other module based commands. This means that the first given argument is a "mode" or "module" or whatever you want to call it. Regardless of name it will dictate which options are available and which actions will be taken.
The modes which are currently in 0.4.x is:
- client Run as a client, useful for accessing and controlling remote hosts as well as trying out commands and/or using NSClient++ from a script.
- test The famous "test mode" where you can view the log interactively and debug various issues ranging from connectivity to command syntax.
- settings Manipulate the settings in various forms. Ranging from migrate between format and stores to settings values.
- service Control the service (on Windows) with options such as install/uninstall as well as start and stop.
- help Get help on available options and modes.
- <short hand tag>
There is a set of short hands for using various built-in modules in client mode (this is the same as running nscp client --module <module name>.
Available (subject to change) short hands are:
- nrpe (NRPEClient)
- nscp (NSCPClient)
- nsca (NSCAClient)
- eventlog (CheckEventLog)
- python (PythonScript)
- py (PythonScript)
- lua (LuaScript?)
- syslog (SyslogClient)
client
The main goal of client is to do things you would normally do remotely, locally. For instance, you would normally run CheckProcess? via check_nrpe from your Nagios machine but you can do the exact same using nscp client --query CheckProcess. This can be useful in many instances such as when debugging commands (locally) or executing check_nrpe from a windows machine etc.
Client has three (ish) modes of operation:
- --query To execute a query against a module.
- --exec To execute a command against a module.
- --submit To submit a response via any of the passive protocols.
For details on how to use client mode refer to doc/usage/0.4.x/client for details.
test
This is the famous (?) --test mode of operation which is similar to client mode in many ways. The main difference is that test mode runs interactively (in contrast client mode has to have all commands specified on the command line). The main use for test mode is when you have problems with your monitoring and need to troubleshoot.
Start NSClient++ in test mode and see the errors as they happen, this is otherwise difficult to detect.
For details on how to use test mode refer to doc/usage/0.4.x/test for details.
settings
Used for manipulating the settings store in any conceivable way. Everything from switching context to migrating settings to settings keys and generating documentation.
For details on how to use settings mode refer to doc/usage/0.4.x/settings for details.
service
Used for manipulating the windows service.
For details on how to use service mode refer to doc/usage/0.4.x/service for details.
help
Gives you help (duh).
For details on how to use settings mode refer to someone else for details :)
TracNav
Client Mode
The main goal of client mode is to do things you would normally do remotely, locally. For instance you would normally run CheckProcess?? via check_nrpe from your Nagios machine, but you can do the exact same using nscp client --query CheckProcess?. This can be useful in many instances such as debugging commands (locally) or executing check_nrpe from a windows machine etc.
Client has three (ish) modes of operation:
- --query To execute a query against a module.
- --exec To execute a command against a module.
- --submit To submit a response via any of the passive protocols.
TracNav
Using settings mode
Used for manipulating the settings store in any conceivable way. Everything from switching context to migrating settings to settings keys and generating documentation.
TracNav
Using service mode
Used for manipulating the windows service.
TracNav
Using test mode
This is the famous (?) --test mode of operation which is similar to client mode in many ways. The main difference is that test mode runs interactively (in contrast client mode has to have all commands specified on the command line). The main use for test mode is when you have problems with your monitoring and need to troubleshoot.
Start NSClient++ in test mode and see the errors as they happen, this is otherwise difficult to detect.
TracNav
-
Problems
- 1. I am having problems where do I start?
- 2. Failed to open performance counters
- 3. Bind failed
- 4. "EventlogBuffer?? is too small
- 5. How do I properly escape spaces in strings
- 6. How do I properly escape $ in strings
- 7. System Tray does not work
- 8. I get <insert random error from nagios here>
- 9. PDH Errors
- 10. I use version 0.3.9 or 0.2.7
- 11. Rejected connection from: <ip address here>
- 12. Arguments via NRPE
- 13. Nasty metacharacters
Problems
1. I am having problems where do I start?
NSCP has a built-in "test and debug" mode that you can activate with the following command
nsclient++ /testWhat this does is two things.
- it starts the daemon as "usual" with the same configuration and such.
- it enables debug logging and logs to the console.
This makes it quite easy to see what is going on and why things go wrong.
2. Failed to open performance counters
- The first thing to check is the version. If you are using an old version (pre 0.3.x) upgrade!
- Second thing to check is whether the servers' performance counters working? Sometimes the performance counters end up broken and need to be rebuilt. See forum post: TODO topic - 78 here for details or Microsoft KB: http://support.microsoft.com/kb/300956 essentially you need to use the "lodctr /R" command.
3. Bind failed
- Usually this is due to running more then once instance of NSClient++ or possibly running another program that uses the same port.
- Make sure you don't have any other instance NSCLient++ started.
- Check if the port is in use (netstat -a look for LISTENING)
4. "EventlogBuffer?? is too small
- This is because you have one or more entries in your eventlog which are larger then the "default buffer size of 64k". The best way to fix this is to increase the buffer used.
[EventLog] buffer_size=128000
NOTE: You should add it to the ini file by yourself.
There are hundreds of options not in the ini file (all covered in the docs though). The default .ini is more a "common ones" and not a complete set.
The ini file that comes with the installation does not contain this variable by default.
5. How do I properly escape spaces in strings
When you need to put spaces in a string you do the following:
- nagios:
- As usual you can do it anyway you like but I prefer: check_nrpe ... 'this is a string'
- NSClient++ (inject, alias, external, etc...)
- The parser is badly written so the only option is:
CheckSomething "this is a string" CheckEventLog "filter-message=substr:Hello World"
- Not for instance:
filter-message="substr:Hello World" filter-message=substr:"Hello World"
- The parser is badly written so the only option is:
6. How do I properly escape $ in strings
From:
- nagios:
- $$ (you use two $ signs)
- from NSClient++
- $ (you do not need to escape them at all)
7. System Tray does not work
NOTICE System tray is currently disabled and will be added back at some point
8. I get <insert random error from nagios here>
This information is usually useless to me since the error in nagios is not related to the problem. This is due to most protocols supported by nagios does not support reporting errors only status. To see the error do the following:
net stop nscp nscp test --log info ... wait for errors to be reported ... exit net start nscp
To get the debug log do the following:
net stop nscp nscp test --log debug ... wait for errors to be reported ... exit net start nscp
Please check and include this information before you submit questions and/or bug reports.
9. PDH Errors
First upgrade to 0.4.1 then run the following command:
nscp sys --validate
This will list the common PDH counters used for mem/cpu/* and check that they exists and are working. Please this check and include information before you ask a question and/or report a bug
10. I use version 0.3.9 or 0.2.7
please upgrade to 0.4.1 and see if the error still persist before you ask questions and/or report bugs
11. Rejected connection from: <ip address here>
This is due to invalid configuration. One important thing you NEED to configure is which hosts are allowed to connect. If this configuration is missing or invalid you will get the following error:
013-04-02 16:34:07: e:D:\source\nscp\trunk\include\check_nt/server/protocol.hpp:65: Rejected connection from: ::ffff:10.83.14.251
To resolve this please update your configuration:
[/settings/default] ; ALLOWED HOSTS - A coma separated list of hosts which are allowed to connect. You can use netmasks (/ syntax) or * to create ranges. allowed hosts = <ADD YOUR NAGIOS 1 IP HERE>,<ADD YOUR NAGIOS 2 IP HERE>,10.11.12.0/24
12. Arguments via NRPE
See this page for details about using arguments and external scripts
13. Nasty metacharacters
If you get illegal metachars or similar errors you are sending characters which are considered harmful through NRPE. This is a security measure inherited from the regular NRPE client.
The following characters are considered harmful: |`&><'\"
[]{}
To enable this in the NRPE server you can add the following (please notice the same issue is also valid for CheckExternalScripts if you are using scripts see question 12 for details):
[/settings/NRPE/server] allow nasty characters=true
