Version 8 (modified by mickem, 4 years ago) (diff)

--

TracNav

  1. Using NSClient++ from nagios with NSCA
    1. 1. Overview of NSCA
    2. 2. NSClient++ configuration
      1. 2.1 Modules
      2. 2.2 NSCA Configuration
      3. 2.3 NSCA Commands
    3. NSCA (nsca-server)
      1. using from the command line
      2. NSClient++ configuration
      3. nagios configuration

Using NSClient++ from nagios with NSCA

NSCA (Nagios Service Check Acceptor) is a server which runs on the Nagios server and accepts passive checks results from various servers.

Passive in this context means that Nagios is not the initiator of the actual check commands above. Instead the client (when it is configure to do so) will submit the results to Nagios (thus it will initiate the data transfer). If you compare the above image with the one used with NRPE you will notice that the arrow points from the client to Nagios whereas the NRPE one points from Nagios to your client.

1. Overview of NSCA

As I stated before NSCA is "sort of the reverse" of NRPE and the diagram above illustrates the process by which Nagios receives the check results.

  1. NSClient++ decides it is time to send the results
  2. NSClient++ gathers all results
  3. NSClient++ connect to NSCA (server) and sends all results
  4. NSClient++ goes back to sleap

So in essence NSCA is (again) merely a transport mechanism to send the result of a check command over the network. But the big change is that this time it is NSClient++ who decides when it is time to do so.

2. NSClient++ configuration

Since NSCA is a server we shall start by configuring NSClient++ as thats were most things will happen. Also since this is an "advanced" guide it is assumed you have read at least the NRPE guide and are familiar with the basic working of both Nagios and NSClient++.

2.1 Modules

The first thing you do is to make sure you have all the proper modules loaded. The basic ones we will need for basic checks in addition to the NSCAAgent. One important thing to notice is that once the NSCAAgent is loaded it will start (attempting) to submit passive check results. This means that if it not properly configured it will result in a lot of error messages.

So lets start with the following modules:

ModuleDescriptionCommands
CheckSystem.dllHandles many system checksCheckCPU, CheckMEM etc
CheckDisk.dllHandles Disk related checksCheckDisk
CheckExternalScripts.dllHandles aliases (which is what we will use) and external scripts.N/A
FileLogger.dllLogs errors to a file so you can see what is going onN/A
NSCAAgent.dllSubmits passive checks results to NSCA (server) on NagiosN/A

The resulting modules section in NSC.ini will look like so: 

[modules]
CheckSystem.dll
CheckDisk.dll
CheckExternalScripts.dll
FileLogger.dll
NSCAAgent.dll

2.2 NSCA Configuration

Then we move on to configure NSCA which is not that hard a quick overview of the basic settings you need to edit:

interval
Perhaps the most important option. It controls the interval which NSClient++ will use when it runs the checks in essence this is the amount of time between a check will be submitted to Nagios (via NSCA). Since there is only one of these it will not be possible to have individual intervals for various checks instead all checks will be submitted using this interval.
encryption_method
The encryption algorithm to use. It is often a good idea to set this to 0 (None) when you try this out as it will reduce the number things which might be broken. If you have the incorrect one it will be hard to know what is wrong. For production I would recommend using 14 (AES) at is it a fairly strong algorithm.
password
The password is the "secret" you share with NSCA it has to be the same on both ends (or again like with encryption) nothing will work.
nsca_host
This is the IP address of the NSCA server (often the same as the Nagios server). This will not default to the allowed_hosts directive so you HAVE to specify this option.

The resulting configuration will look something like this: 

;# CHECK INTERVALL (in seconds)
;   How often we should run the checks and submit the results.
interval=5m
;
;# ENCRYPTION METHOD
;   This option determines the method by which the send_nsca client will encrypt the packets it sends 
;   to the nsca daemon. The encryption method you choose will be a balance between security and 
;   performance, as strong encryption methods consume more processor resources.
;   You should evaluate your security needs when choosing an encryption method.
;
; Note: The encryption method you specify here must match the decryption method the nsca daemon uses 
;       (as specified in the nsca.cfg file)!!
; Values:
;	0 = None	(Do NOT use this option)
;	1 = Simple XOR  (No security, just obfuscation, but very fast)
;   2 = DES
;   3 = 3DES (Triple DES)
;	4 = CAST-128
;	6 = xTEA
;	8 = BLOWFISH
;	9 = TWOFISH
;	11 = RC2
;	14 = RIJNDAEL-128 (AES)
;	20 = SERPENT
encryption_method=0
;
;# ENCRYPTION PASSWORD
;  This is the password/passphrase that should be used to encrypt the sent packets. 
password=secret-password
;
;# NAGIOS SERVER ADDRESS
;  The address to the nagios server to submit results to.
nsca_host=192.168.0.1

2.3 NSCA Commands

Now we (hopefully) have configure NSCA which will work splendidly but untill we add some checks it wont actually do anything. Checks for NSCA is added under the NSCA Commands section. The syntax of this section is <service definition>=<check command>.

service definition
The service definition is the name of the service IN Nagios.
check command
The check command is the command to run inside NSClient++

NSCA (nsca-server)

... TODO ...

using from the command line

... TODO ...

NSClient++ configuration

... TODO ...

nagios configuration

... TODO ...

Attachments (6)

Download all attachments as: .zip