file: README.Nagios author: Alexander Haderer date: 17 Dec 2002 cvs: $Id: README.Nagios,v 1.1 2002/12/17 18:04:46 afrika Exp $ R E A D M E N A G I O S S E T U P This file describes how to setup Nagios to monitor local or remote kernel syslog messages. Nagios is a Network monitoring software and can be found at http://www.nagios.org . For remote monitoring Nagios requires the plugin check_snmp to work, which uses NET-SNMP tools. NET-SNMP is a collection of SNMP utilities and can be found at http://www.net-snmp.org . This is only a brief description to give an idea how to set this up. Read the manpages and docu to understand what you do. The setup was done with Nagios 1.0, newer versions are assumed to work also. HOW TO 'local monitoring' Read this if you want to monitor a kernel syslog file that is local on the host running Nagios. fetchlog will run as a Nagios plugin. 1. install Install fetchlog as described in the README. fetchlog's calling convention is compatible with Nagios's plugin calling convention. You can install fetchlog in the default location /usr/local/... 2. setup syslog Setup syslog to write local kernel messages to /var/log/kernelmsg as described in README.SNMP, 'HOWTO GET /POLLING', step 2-6' Note: You can configure syslogd to act as a loghost: remote machines send selected syslog messages to the loghost. Read the syslogd manpage how to set this up. 3. Nagios config: new service check command login as Nagios user, cd etc and edit configuration file command.cfg. Add a new service check command by adding this line: command[check_lkernel]=/usr/local/bin/fetchlog -F 35:75:330:bnos \ /var/log/kernelmsg /var/tmp/kernelbm Note: Enter this as one single line. 4. Nagios config: new service Edit config file hosts.cfg. Add a new service by adding this line: service[host]=kernel;1;24x7;1;5;1;admin;720;24x7;0;1;1;;check_lkernel where host is the Nagios name for the Nagios host and admin is the contact group. Note: This service is volatile and sends out notification immediately after the first check failed. Further checks with error will result to further notifications send out (volatile!) 4. Nagios config: email notification Edit .../etc/hosts.cmd again and look for command[notify-by-email] command string and command[host-notify-by-email] command string. Check if the 'echo -e' command sends out the contents of the $OUTPUT$ variable to the mail program: .... TIME$\n\nAdditional Info:\n\n$OUTPUT$'" | /usr/bin/mail ... 5. Nagios restart Change to Nagios home dir and check the new Nagios config by running: bin/nagios -v etc/nagios.cfg If everything is ok restart Nagios. Test your new config by creating some kernel log messages. Look in Nagios logfile. Watch your email. HOW TO 'remote monitoring' Read this if you want Nagios to monitor remote logfiles using check_snmp/NET-SNMP and fetchlog. Please read first README.SNMP CONVENTION remote machine: A machine running NET-SNMP's snmpd as described in README.SNMP, section 'HOW TO: GET / POLLING'. The snmpd will offer SNMP clients (Nagios machine) the last new messages of the kernel logfile. Nagios machine: A machine running Nagios. 1. install: Goto Nagios machine. Check if check_snmp plugin works. This plugin requires NET-SNMP at the Nagios machine. 2. test check_snmp: login as Nagios user, cd libexec, and try ./check_snmp -H ip_of_remote_machine -C donttell \ -o .1.3.6.1.4.1.2021.8.1.101.1 -s 'OK: no messages' -l kernel where donttell is the SNMP community name and ip_of_remote_machine is the IP adress or hostname of the remote machine. Create some kernel messages at the remote machine and retry the check_snmp plugin. To see better formatted output you can do printf "`./check_snmp ...`\n" Note: Output will be scrambled if the fetched messages contains the character '%', use conversion setting 'p' in fetchlog to avoid this. 3. Nagios config: new service check command login as Nagios user, cd etc and edit configuration file command.cfg. Add a new service check command by adding this line: command[check_rkernel]=$USER1$/check_snmp -H $HOSTADDRESS$ \ -C donttell -o .1.3.6.1.4.1.2021.8.1.101.1 \ -s 'OK: no messages' -l kernel Note: Enter this as one single line. 4. Nagios config: new service Edit config file hosts.cfg. Add a new service by adding this line: service[remote]=kernel;1;24x7;1;5;1;admin;720;24x7;0;1;0;;check_rkernel where remhost is the Nagios name for the net address of the remote machine and admin is the contact group. Note: This service is volatile and sends out notification immediately after the first check failed. Further checks with error will result to further notifications send out (volatile!) 4. Nagios config: email notification Edit .../etc/hosts.cmd again and look for command[notify-by-email] command string and command[host-notify-by-email] command string. Check if the 'echo -e' command sends out the contents of the $OUTPUT$ variable to the mail program: .... TIME$\n\nAdditional Info:\n\n$OUTPUT$'" | /usr/bin/mail ... 5. Nagios restart Change to Nagios home dir and check the new Nagios config by running: bin/nagios -v etc/nagios.cfg If everything is ok restart Nagios. Test your new config by creating some kernel log messages at the remote machine. Look in Nagios logfile. Watch your email. Happy monitoring! SEE ALSO Nagios - A network monitoring system formerly known as Netsaint http://www.nagios.org NET-SNMP - Various tools relating to the Simple Network Management Protocol SNMP (NET-SNMP: formerly known as UCD- SNMP) http://www.net-snmp.org LEGAL Nagios is a registered trademark of Ethan Galstad EOF