file:   README.Nagios
author: Alexander Haderer
date:	17 Dec 2002
cvs:    $Id: README.Nagios,v 1.1 2002/12/17 18:04:46 afrika Exp $


 		R E A D M E    N A G I O S    S E T U P


  This file describes how to setup Nagios to monitor local or remote 
  kernel syslog messages. Nagios is a Network monitoring software and 
  can be found at http://www.nagios.org .

  For remote monitoring Nagios requires the plugin check_snmp to work, 
  which uses NET-SNMP tools. NET-SNMP is a collection of SNMP utilities 
  and can be found at http://www.net-snmp.org .

  This is only a brief description to give an idea how to set this up.
  Read the manpages and docu to understand what you do.

  The setup was done with Nagios 1.0, newer versions are assumed 
  to work also.


HOW TO 'local monitoring'

  Read this if you want to monitor a kernel syslog file that is local
  on the host running Nagios. fetchlog will run as a Nagios plugin.

  1. install
 	Install fetchlog as described in the README. fetchlog's calling
 	convention is compatible with Nagios's plugin calling convention.
	You can install fetchlog in the default location /usr/local/...

  2. setup syslog
	Setup syslog to write local kernel messages to /var/log/kernelmsg
	as described in README.SNMP, 'HOWTO GET /POLLING', step 2-6'
	
	Note: You can configure syslogd to act as a loghost: remote machines
	send selected syslog messages to the loghost. Read the syslogd 
	manpage how to set this up.

  3. Nagios config: new service check command
	login as Nagios user, cd etc and edit configuration file command.cfg.
	Add a new service check command by adding this line:

	command[check_lkernel]=/usr/local/bin/fetchlog -F 35:75:330:bnos \
				/var/log/kernelmsg /var/tmp/kernelbm
	Note: Enter this as one single line.

  4. Nagios config: new service
	Edit config file hosts.cfg. Add a new service by adding this line:
	
	service[host]=kernel;1;24x7;1;5;1;admin;720;24x7;0;1;1;;check_lkernel

	where host is the Nagios name for the Nagios host and admin 
        is the contact group.

	Note: This service is volatile and sends out notification immediately
	after the first check failed. Further checks with error will result
	to further notifications send out (volatile!)

  4. Nagios config: email notification
	Edit .../etc/hosts.cmd again and look for  command[notify-by-email] 
	command string and command[host-notify-by-email] command string.
	Check if the 'echo -e' command sends out the contents of the
	$OUTPUT$ variable to the mail program:

	.... TIME$\n\nAdditional Info:\n\n$OUTPUT$'" | /usr/bin/mail ...
	
  5. Nagios restart
	Change to Nagios home dir and check the new Nagios config 
	by running:

	bin/nagios -v etc/nagios.cfg

	If everything is ok restart Nagios. Test your new config by
	creating some kernel log messages. Look in Nagios logfile. 
	Watch your email.


HOW TO 'remote monitoring'

  Read this if you want Nagios to monitor remote logfiles using 
  check_snmp/NET-SNMP and fetchlog.

  Please read first README.SNMP 

  CONVENTION
   
  remote machine: A machine running NET-SNMP's snmpd as described in
	README.SNMP, section 'HOW TO: GET / POLLING'. The snmpd will 
	offer SNMP clients (Nagios machine) the last new messages 
	of the kernel logfile.

  Nagios machine: A machine running Nagios.

  1. install:
	Goto Nagios machine. Check if check_snmp plugin works. This
	plugin requires NET-SNMP at the Nagios machine.

  2. test check_snmp:
	login as Nagios user, cd libexec, and try
		
	./check_snmp -H ip_of_remote_machine -C donttell \
		-o .1.3.6.1.4.1.2021.8.1.101.1 -s 'OK: no messages' -l kernel

        where donttell is the SNMP community name and ip_of_remote_machine
	is the IP adress or hostname of the remote machine. 

	Create some kernel messages at the remote machine and retry 
	the check_snmp plugin.

	To see better formatted output you can do

	printf "`./check_snmp ...`\n"

	Note: Output will be scrambled if the fetched messages contains
	the character '%', use conversion setting 'p' in fetchlog to 
	avoid this.

  3. Nagios config: new service check command
	login as Nagios user, cd etc and edit configuration file command.cfg.
	Add a new service check command by adding this line:

	command[check_rkernel]=$USER1$/check_snmp -H $HOSTADDRESS$  \
		-C donttell -o .1.3.6.1.4.1.2021.8.1.101.1 \
		-s 'OK: no messages' -l kernel

	Note: Enter this as one single line.

  4. Nagios config: new service
	Edit config file hosts.cfg. Add a new service by adding this line:
	
	service[remote]=kernel;1;24x7;1;5;1;admin;720;24x7;0;1;0;;check_rkernel

	where remhost is the Nagios name for the net address of the
	remote machine and admin is the contact group.

	Note: This service is volatile and sends out notification immediately
	after the first check failed. Further checks with error will result
	to further notifications send out (volatile!)

  4. Nagios config: email notification
	Edit .../etc/hosts.cmd again and look for  command[notify-by-email] 
	command string and command[host-notify-by-email] command string.
	Check if the 'echo -e' command sends out the contents of the
	$OUTPUT$ variable to the mail program:

	.... TIME$\n\nAdditional Info:\n\n$OUTPUT$'" | /usr/bin/mail ...
	
  5. Nagios restart
	Change to Nagios home dir and check the new Nagios config 
	by running:

	bin/nagios -v etc/nagios.cfg

	If everything is ok restart Nagios. Test your new config by
	creating some kernel log messages at the remote machine. Look 
 	in Nagios logfile. Watch your email.

  Happy monitoring!


SEE ALSO

  Nagios - A network monitoring system formerly known as Netsaint
  http://www.nagios.org

  NET-SNMP  -  Various  tools relating to the Simple Network
  Management Protocol SNMP (NET-SNMP: formerly known as UCD- SNMP)
  http://www.net-snmp.org


LEGAL

   Nagios is a registered trademark of Ethan Galstad

EOF