SLA
<#"785441.files/image031.gif">
Рис. Д.1 - Диаграмма работы ядра сетевого мониторинга
Приложение Е
Структура конфигурационных файлов ядра системы
/etc/nagios3
├── apache2.conf
├── cgi.cfg
├── commands.cfg
├── commands.cfg.dpkg-dist
├── conf.d
│ ├── contacts_nagios2.cfg
│ ├── extinfo_nagios2.cfg
│ ├── generic-host_nagios2.cfg
│ ├── generic-service_nagios2.cfg
│ ├── host-gateway_nagios3.cfg
│ ├── host-gateway_nagios3.cfg.ucf-dist
│ ├── hostgroups_nagios2.cfg
│ ├── localhost_nagios2.cfg
│ ├── services_nagios2.cfg
│ └── timeperiods_nagios2.cfg
├── htpasswd.users
├── nagios.cfg
├── nagios.cfg.dpkg-dist
├── objects
│ ├── contacts.cfg
│ ├── extinfo.cfg
│ ├── hostgroups.cfg
│ ├── routers
│ │ ├── at9924.cfg
│ │ ├── des3627g.cfg
│ │ ├── rapier24i.cfg
│ │ └── router_len58a.cfg
│ ├── servers
│ │ ├── 1c.cfg
│ │ ├── db.cfg
│ │ ├── for.cfg
│ │ ├── host_mail.cfg
│ │ ├── isp.cfg
│ │ └── localhost.cfg
│ ├── servicegroups.cfg
│ ├── switches
│ ├── templates.cfg
│ └── timeperiods.cfg
├── pnp
├── resource.cfg
└── stylesheets
    ├── avail.css
    ├── checksanity.css
    ├── cmd.css
    ├── common.css
    ├── config.css
    ├── extinfo.css
    ├── histogram.css
    ├── history.css
    ├── ministatus.css
    ├── notifications.css
    ├── outages.css
    ├── showlog.css
    ├── status.css
    ├── statusmap.css
    ├── summary.css
    ├── tac.css
    └── trends.css
Приложение Ж
Рис. Ж.1 - Схема взаимодействия конфигурационных файлов Nagios
Приложение З
Файлы описания хостов и служб
/etc/nagios3/objects/contacts.cfg
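# Contact for the monitoring administrator.
# NOTE(review): this is the only contact in the file with can_submit_commands 1,
# i.e. the only one allowed to submit external commands through the web interface.
# The web login of the same name should therefore carry a strong, non-default
# password in htpasswd.users.
define contact{
        contact_name                    nagiosadmin             ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           Voynovich Andrey        ; Full name of user
        email                           admin@vpcit.ru
        host_notifications_enabled      1
        service_notifications_enabled   1
        service_notification_period     24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options       d,u,r
        service_notification_commands   notify-service-by-email
        host_notification_commands      notify-host-by-email
        can_submit_commands             1
}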
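# Notification-only contact: can_submit_commands 0 means this user cannot
# submit external commands through the web interface.
define contact{
        contact_name                    mainadmin               ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           Demidoff Alexander      ; Full name of user
        email                           demidoff@vpcit.ru
        host_notifications_enabled      1
        service_notifications_enabled   1
        service_notification_period     24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options       d,u,r
        service_notification_commands   notify-service-by-email
        host_notification_commands      notify-host-by-email
        can_submit_commands             0
}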
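# Notification-only contact: can_submit_commands 0 means this user cannot
# submit external commands through the web interface.
define contact{
        contact_name                    maincoder               ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           Don Yura                ; Full name of user
        email                           yura@vpcit.ru
        host_notifications_enabled      1
        service_notifications_enabled   1
        service_notification_period     24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options       d,u,r
        service_notification_commands   notify-service-by-email
        host_notification_commands      notify-host-by-email
        can_submit_commands             0
}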
/etc/nagios3/objects/extinfo.cfg
hostextinfo{_name debian-serversDebian GNU/Linux
servers_image base/debian.png_image_alt Debian GNU/Linux_image debian.png_image
base/debian.gd2
}
hostextinfo{_name windows-serversMicrosoft Windows
servers_image base/win40.png_image_alt Microsoft Windows_image win40.png_image
base/win40.gd2
}
hostextinfo{_name routersNetwork Routers_image
base/router40.png_image_alt Router_image router40.png_image base/router40.gd2
}
/etc/nagios3/objects/hostgroups.cfg
# Define an optional hostgroup for Linux
machineshostgroup{_name linux-servers ; The name of the hostgroupLinux Servers
; Long name of the grouplocalhost,host_mail,db,isp,for ; Comma separated list
of hosts that belong to this group
}
# A list of your Debian GNU/Linux servershostgroup {_name
debian-serversDebian GNU/Linux Serverslocalhost,host_mail,db,isp,for,router_len58a
}
# Define a hostgroup for Windows machines
# All hosts that use the windows-server template will
automatically be a member of this group
hostgroup{_name windows-servers ; The name of the hostgroupWindows
Servers ; Long name of the group
}
# Create a new hostgroup for switches
hostgroup{_name routers ; The name of the hostgroupNetwork
Routers ; Long name of the group
}
/etc/nagios3/objects/templates.cfg
# CONTACT TEMPLATES
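# Generic contact definition template - This is NOT a real contact, just a template!
define contact{
        name                            generic-contact         ; The name of this contact template
        service_notification_period     24x7                    ; service notifications can be sent anytime
        host_notification_period        24x7                    ; host notifications can be sent anytime
        service_notification_options    w,u,c,r,f,s             ; send notifications for all service states, flapping events, and scheduled downtime events
        host_notification_options       d,u,r,f,s               ; send notifications for all host states, flapping events, and scheduled downtime events
        service_notification_commands   notify-service-by-email ; send service notifications via email
        host_notification_commands      notify-host-by-email    ; send host notifications via email
        register                        0                       ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL CONTACT, JUST A TEMPLATE!
}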
# HOST TEMPLATES
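# Generic host definition template - This is NOT a real host, just a template!
define host{
        name                            generic-host    ; The name of this host template
        notifications_enabled           1               ; Host notifications are enabled
        event_handler_enabled           1               ; Host event handler is enabled
        flap_detection_enabled          1               ; Flap detection is enabled
        failure_prediction_enabled      1               ; Failure prediction is enabled
        process_perf_data               1               ; Process performance data
        retain_status_information       1               ; Retain status information across program restarts
        retain_nonstatus_information    1               ; Retain non-status information across program restarts
        notification_period             24x7            ; Send host notifications at any time
        register                        0               ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE!
}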
# Linux host definition template - This is NOT a real host,
just a template!
host{linux-server ; The name of this host templategeneric-host
; This template inherits other values from the generic-host template_period
24x7 ; By default, Linux hosts are checked round the clock_interval 5 ;
Actively check the host every 5 minutes_interval 1 ; Schedule host check
retries at 1 minute intervals_check_attempts 10 ; Check each Linux host 10
times (max)_command check-host-alive ; Default command to check Linux
hosts_period workhours ; Linux admins hate to be woken up, so we only notify
during the day
; Note that the notification_period variable is being
overridden from
; the value that is inherited from the generic-host
template!_interval 120 ; Resend notifications every 2 hours_options d,u,r ;
Only send notifications for specific host states_groups admins ; Notifications
get sent to the admins by default0 ; DONT REGISTER THIS DEFINITION - ITS NOT A
REAL HOST, JUST A TEMPLATE!
}
# Windows host definition template - This is NOT a real host,
just a template!
host{windows-server ; The name of this host
templategeneric-host ; Inherit default values from the generic-host
template_period 24x7 ; By default, Windows servers are monitored round the
clock_interval 5 ; Actively check the server every 5 minutes_interval 1 ;
Schedule host check retries at 1 minute intervals_check_attempts 10 ; Check
each server 10 times (max)_command check-host-alive ; Default command to check
if servers are "alive"_period 24x7 ; Send notification out at any
time - day or night_interval 30 ; Resend notifications every 30 minutes_options
d,r ; Only send notifications for specific host states_groups admins ;
Notifications get sent to the admins by defaultwindows-servers ; Host groups
that Windows servers should be a member of0 ; DONT REGISTER THIS - ITS JUST A
TEMPLATE
}
# We define a generic printer template that can be used for
most printers we monitor
host{generic-printer ; The name of this host
templategeneric-host ; Inherit default values from the generic-host
template_period 24x7 ; By default, printers are monitored round the
clock_interval 5 ; Actively check the printer every 5 minutes_interval 1 ;
Schedule host check retries at 1 minute intervals_check_attempts 10 ; Check
each printer 10 times (max)_command check-host-alive ; Default command to check
if printers are "alive"_period workhours ; Printers are only used
during the workday_interval 30 ; Resend notifications every 30 minutes_options
d,r ; Only send notifications for specific host states_groups admins ;
Notifications get sent to the admins by default0 ; DONT REGISTER THIS - ITS
JUST A TEMPLATE
}
# Define a template for switches that we can
reusehost{generic-switch ; The name of this host templategeneric-host ; Inherit
default values from the generic-host template_period 24x7 ; By default,
switches are monitored round the clock_interval 5 ; Switches are checked every
5 minutes_interval 1 ; Schedule host check retries at 1 minute
intervals_check_attempts 10 ; Check each switch 10 times (max)_command
check-host-alive ; Default command to check if routers are "alive"_period
24x7 ; Send notifications at any time_interval 30 ; Resend notifications every
30 minutes_options d,r ; Only send notifications for specific host
states_groups admins ; Notifications get sent to the admins by default0 ; DONT
REGISTER THIS - ITS JUST A TEMPLATE
}
# SERVICE TEMPLATES
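# Generic service definition template - This is NOT a real service, just a template!
define service{
        name                            generic-service ; The 'name' of this service template
        active_checks_enabled           1               ; Active service checks are enabled
        passive_checks_enabled          1               ; Passive service checks are enabled/accepted
        parallelize_check               1               ; Active service checks should be parallelized (disabling this can lead to major performance problems)
        obsess_over_service             1               ; We should obsess over this service (if necessary)
        check_freshness                 0               ; Default is to NOT check service 'freshness'
        notifications_enabled           1               ; Service notifications are enabled
        event_handler_enabled           1               ; Service event handler is enabled
        flap_detection_enabled          1               ; Flap detection is enabled
        failure_prediction_enabled      1               ; Failure prediction is enabled
        process_perf_data               1               ; Process performance data
        retain_status_information       1               ; Retain status information across program restarts
        retain_nonstatus_information    1               ; Retain non-status information across program restarts
        is_volatile                     0               ; The service is not volatile
        check_period                    24x7            ; The service can be checked at any time of the day
        max_check_attempts              3               ; Re-check the service up to 3 times in order to determine its final (hard) state
        normal_check_interval           10              ; Check the service every 10 minutes under normal conditions
        retry_check_interval            2               ; Re-check the service every two minutes until a hard state can be determined
        contact_groups                  admins          ; Notifications get sent out to everyone in the 'admins' group
        notification_options            w,u,c,r         ; Send notifications about warning, unknown, critical, and recovery events
        notification_interval           60              ; Re-notify about service problems every hour
        notification_period             24x7            ; Notifications can be sent out at any time
        register                        0               ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}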
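# Local service definition template - This is NOT a real service, just a template!
define service{
        name                            local-service   ; The name of this service template
        use                             generic-service ; Inherit default values from the generic-service definition
        max_check_attempts              4               ; Re-check the service up to 4 times in order to determine its final (hard) state
        normal_check_interval           5               ; Check the service every 5 minutes under normal conditions
        retry_check_interval            1               ; Re-check the service every minute until a hard state can be determined
        register                        0               ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}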
/etc/nagios3/objects/timeperiods.cfg
# This defines a timeperiod where all times are valid for
checks,
# notifications, etc. The classic "24x7" support
nightmare. :-)timeperiod{_name 24x724 Hours A Day, 7 Days A
Week00:00-24:0000:00-24:0000:00-24:0000:00-24:0000:00-24:0000:00-24:0000:00-24:00
}
# 'workhours' timeperiod definitiontimeperiod{_name
workhoursNormal Work
Hours09:00-18:0009:00-18:0009:00-18:0009:00-18:0009:00-18:00
}
# 'none' timeperiod definitiontimeperiod{_name noneNo Time Is
A Good Time
}
# Some U.S. holidays
# Note: The timeranges for each holiday are meant to
*exclude* the holidays from being
# treated as a valid time for notifications, etc. You
probably don't want your pager
# going off on New Year's. Although you're employer might...
:-)timeperiod{us-holidays_name us-holidaysU.S. Holidays
1 00:00-00:00 ; New Years-1 may 00:00-00:00 ; Memorial Day
(last Monday in May)4 00:00-00:00 ; Independence Day1 september 00:00-00:00 ;
Labor Day (first Monday in September)-1 november 00:00-00:00 ; Thanksgiving
(last Thursday in November)25 00:00-00:00 ; Christmas
}
# This defines a modified "24x7" timeperiod that
covers every day of the
# year, except for U.S. holidays (defined in the timeperiod
above).timeperiod{_name 24x7_sans_holidays24x7 Sans Holidays
us-holidays ; Get holiday exceptions from other timeperiod
00:00-24:0000:00-24:0000:00-24:0000:00-24:0000:00-24:0000:00-24:0000:00-24:00
}
/etc/nagios3/objects/servers/localhost.cfg
host{linux-server_name localhostlocalhost127.0.0.1_interval
0.12_period 24x7_options d,u,f,r_interval 30_groups admins_enabled 1
}
service{local-service_name localhost_description PING_command
check_ping!100.0,20%!500.0,60%_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}service{local-service_name localhost_description Root Partition_command
check_local_disk!20%!10%!/_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
service{local-service_name localhost_description var
Partition_command check_local_disk!20%!10%!/var_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{local-service_name localhost_description Current
Users_command check_local_users!20!50_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{local-service_name localhost_description Total
Processes_command check_local_procs!250!400!RSZDT_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{local-service_name localhost_description Current
Load_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}service{local-service_name localhost_description Swap
Usage_command check_local_swap!20!10_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
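# Define a service to check SSH on the local machine.
# Notifications are enabled for this service (notifications_enabled 1). The
# original comment said they are disabled by default, which no longer matches
# the definition below.
# NOTE(review): the printed listing dropped the leading word of every directive;
# notification_period and notification_interval are the presumed originals
# (check_period / check_interval would fit the same remnants) - confirm against the live file.
define service{
        use                     local-service   ; Name of service template to use
        host_name               localhost
        service_description     SSH
        check_command           check_ssh
        notification_period     24x7
        notification_options    w,c,r
        notification_interval   30
        contact_groups          admins
        notifications_enabled   1
}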
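# Define a service to check HTTP on the local machine.
# Notifications are enabled for this service (notifications_enabled 1). The
# original comment said they are disabled by default, which no longer matches
# the definition below.
# NOTE(review): the printed listing dropped the leading word of every directive;
# notification_period and notification_interval are the presumed originals
# (check_period / check_interval would fit the same remnants) - confirm against the live file.
define service{
        use                     local-service   ; Name of service template to use
        host_name               localhost
        service_description     HTTP
        check_command           check_http
        notification_period     24x7
        notification_options    w,c,r
        notification_interval   30
        contact_groups          admins
        notifications_enabled   1
}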
service{generic-service; Inherit values from a template_name
localhost_description Uptime_command check_netapp_uptime
}
service{generic-service; Inherit values from a template_name
localhost_description eth0 System Link Status on hosting_command
check_snmp!public!ifOperStatus.2! -m RFC1213-MIB_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}service{generic-service; Inherit values from a template_name
localhost_description eth0.1001 Management Link Status on hosting_command
check_snmp!public!ifOperStatus.3! -m RFC1213-MIB_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
# Monitor bandwidth via MRTG logs
service{generic-service; Inherit values from a template_name
localhost_description eth0 System Link Bandwidth Usage on hosting_command
traffic_average!/var/www/mrtg/monitoring/127.0.0.1_2.log!AVG!1000000,2000000!5000000,5000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service; Inherit values from a template_name
localhost_description eth0.1001 Management Link Usage on hosting_command
traffic_average!/var/www/mrtg/monitoring/127.0.0.1_3.log!AVG!1000000,2000000!5000000,5000000!10
# servicegroups bandwidth_services_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name localhost_description Memory
Usage_command check_snmp_mem_v1!public!70,70!90,90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
/etc/nagios3/objects/servers/1c.cfg
# Define a host for the Windows machine we'll be monitoring
# Change the host_name, alias, and address to fit your
situationhost{windows-server ; Inherit default values from a template_name 1c ;
The name we're giving to this host1c terminal server ; A longer name associated
with the host10.10.80.33 ; IP address of the host_period 24x7_options
d,u,f,r_interval 30_groups admins_enabled 1
}
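# Create a service for monitoring the version of NSClient++ that is installed
# Change the host_name to match the name of the host you defined above
# NOTE(review): no password is passed in this check_command. If one is used, it
# would be set with check_nt's -s option in the check_nt command definition in
# commands.cfg, which is not shown here - confirm that one is configured and that
# the NSClient++ listener on the host accepts connections only from the monitoring server.
define service{
        use                     generic-service
        host_name               1c
        service_description     NSClient++ Version
        check_command           check_nt!CLIENTVERSION
}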
# Create a service for monitoring the uptime of the server
# Change the host_name to match the name of the host you
defined above
service{generic-service_name 1c_description Uptime_command
check_nt!UPTIME
}
# Create a service for monitoring CPU load
# Change the host_name to match the name of the host you
defined above
service{generic-service_name 1c_description CPU Load_command
check_nt!CPULOAD!-l 5,80,90_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
# Create a service for monitoring
# Change the host_name to match the name of the host you
defined above
service{generic-service_name 1c_description Memory
Usage_command check_nt!MEMUSE!-w 80 -c 90_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
# Create a service for monitoring C:\ disk usage
# Change the host_name to match the name of the host you
defined above
service{generic-service_name 1c_description C:\ System
Space_command check_nt!USEDDISKSPACE!-l c -w 80 -c 90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name 1c_description D:\ Data
Space_command check_nt!USEDDISKSPACE!-l d -w 80 -c 90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name 1c_description E:\ Swap
Usage_command check_nt!USEDDISKSPACE!-l e -w 80 -c 90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
# Create a service for monitoring the Explorer.exe process
# Change the host_name to match the name of the host you
defined above
service{generic-service_name 1c_description Explorer_command
check_nt!PROCSTATE!-d SHOWALL -l Explorer.exe_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
/etc/nagios3/objects/servers/db.cfg
host{linux-server_name dbDatabase and
DNS192.168.10.215at9924_period 24x7_options d,u,r,f_interval 30_groups
admins_enabled 1
}
service{local-service ; Name of service template to use_name
db_description PING_command check_ping!100.0,20%!500.0,60%_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service; Inherit values from a template_name
db_description Uptime_command check_netapp_uptime
}
service{generic-service_name db_description CPU Load_command
check_nrpe_1arg!check_load_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
service{generic-service_name db_description / Free
Space_command check_nrpe_1arg!check_disk1_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name db_description /var Free
Space_command check_nrpe_1arg!check_disk2_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name db_description Raid State
md0_command check_nrpe_1arg!check_raid_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name db_description Total
Processes_command check_nrpe_1arg!check_total_procs_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name db_description Zombie
Processes_command check_nrpe_1arg!check_zombie_procs_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name db_description Swap
Usage_command check_nrpe_1arg!check_swap_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name db_description Memory
Usage_command check_snmp_mem_v1!public!85,70!90,90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service; Inherit values from a template_name
db_description DNS_command check_dns
}
/etc/nagios3/objects/servers/for.cfg
host{linux-server_name forFortochka192.168.10.3_period
24x7_options d,u,r,f_interval 30_groups admins_enabled 1
}
# SERVICE DEFINITIONS
# Define a service to "ping" the machine
service{local-service_name for_description PING_command
check_ping!100.0,20%!500.0,60%_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
# Monitor uptime via SNMP
service{generic-service_name for_description Uptime_command
check_netapp_uptime
}
service{generic-service_name for_description CPU Load_command
check_nrpe_1arg!check_load_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}service{generic-service_name for_description / Free
Space_command check_nrpe_1arg!check_disk1_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name for_description Total
Processes_command check_nrpe_1arg!check_total_procs_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name for_description Zombie
Processes_command check_nrpe_1arg!check_zombie_procs_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name for_description Swap Usage_command
check_nrpe_1arg!check_swap_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
service{generic-service_name for_description eth0 External
Link Status_command check_snmp!public!ifOperStatus.2! -m RFC1213-MIB_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}service{generic-service_name for_description Memory
Usage_command check_snmp_mem_v1!public!85,70!90,90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name for_description HTTP_command
check_http
}
/etc/nagios3/objects/servers/host_mail.cfg
host{linux-server_name host_mailHosting and
Mail192.168.10.214_period 24x7_options d,u,r,f_interval 30_groups
admins_enabled 1
}
service{local-service_name host_mail_description PING_command
check_ping!100.0,20%!500.0,60%_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
# Monitor uptime via SNMP
service{generic-service_name host_mail_description
Uptime_command check_netapp_uptime
}
service{generic-service_name host_mail_description CPU
Load_command check_nrpe_1arg!check_load_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name host_mail_description /var/ Free
Space_command check_nrpe_1arg!check_disk1_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name host_mail_description Total
Processes_command check_nrpe_1arg!check_total_procs_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name host_mail_description Zombie
Processes_command check_nrpe_1arg!check_zombie_procs_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name host_mail_description Swap
Usage_command check_nrpe_1arg!check_swap_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name host_mail_description eth0
External Link Status on hosting_command check_snmp!public!ifOperStatus.2! -m
RFC1213-MIB_period 24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name host_mail_description eth1
System Link Status on hosting_command check_snmp!public!ifOperStatus.3! -m
RFC1213-MIB_period 24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name host_mail_description eth1.80
Internal Link Status on hosting_command check_snmp!public!ifOperStatus.4! -m
RFC1213-MIB_period 24x7_options w,c,r_interval 30_groups admins_enabled 1
}
# Monitor bandwidth via MRTG logsservice{generic-service_name
host_mail_description eth0 Bandwidth Usage on hosting_command
traffic_average!/var/www/mrtg/host_mail/192.168.10.214_2.log!AVG!1000000,2000000!5000000,5000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name host_mail_description eth1
Bandwidth Usage on hosting_command
traffic_average!/var/www/mrtg/host_mail/192.168.10.214_3.log!AVG!1000000,2000000!5000000,5000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name host_mail_description eth1.80
Bandwidth Usage on hosting_command
traffic_average!/var/www/mrtg/host_mail/192.168.10.214_5.log!AVG!1000000,2000000!5000000,5000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service_name host_mail_description
SMTP_command check_smtp_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
service{generic-service_name host_mail_description
POP3_command check_pop_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
service{generic-service_name host_mail_description
IMAP_command check_imap_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
service{generic-service_name host_mail_description Memory
Usage_command check_snmp_mem_v1!public!85,70!90,90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}service{generic-service_name host_mail_description Raid
State md1_command check_nrpe_1arg!check_raid_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name host_mail_description
HTTP_command check_http
}
/etc/nagios3/objects/servers/isp.cfg
host{linux-server_name ispDatabase and
DNS192.168.10.217at9924_period 24x7_options d,u,r,f_interval 30_groups
admins_enabled 1
}
service{local-service_name isp_description PING_command
check_ping!100.0,20%!500.0,60%_period 24x7_options w,c,r_interval 30_groups
admins_enabled 1
}
service{generic-service_name isp_description DNS_command
check_dns
}
/etc/nagios3/objects/routers/at9924.cfg
host{generic-switch ; Inherit default values from a template_name
at9924 ; The name we're giving to this switchAllied Telesyn AT-9924 ; A longer
name associated with the switch192.168.10.101 ; IP address of the switchrouters
; Host groups this switch is associated with_period 24x7_options
d,u,f,r_interval 30_groups admins_enabled 1
}
# Create a service to PING to switch
service{generic-service ; Inherit values from a template_name
at9924 ; The name of the host the service is associated with_description PING ;
The service description_command check_ping!200.0,20%!600.0,60% ; The command
used to monitor the service_check_interval 5 ; Check the service every 5
minutes under normal conditions_check_interval 1 ; Re-check the service every
minute until its final/hard state is determined_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
# Monitor uptime via SNMP
service{generic-service ; Inherit values from a template_name
at9924_description Uptime_command check_netapp_uptime
}
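# Monitor Ports status via SNMP
# NOTE(review): "public" is the well-known default SNMP community string, and
# community-based SNMP (v1/v2c) sends it unencrypted. A site-specific read-only
# community kept in resource.cfg as a $USERn$ macro, or SNMPv3 where the switch
# supports it, keeps the credential out of the object files and off the wire in
# clear text. The same applies to every check_snmp!public!... service in these files.
define service{
        use                     generic-service ; Inherit values from a template
        host_name               at9924
        service_description     Port 1 Link Status ub13
        check_command           check_snmp!public!ifOperStatus.1! -m RFC1213-MIB
}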
service{generic-service ; Inherit values from a template_name
at9924_description Port 2 Link Status Lenina-105B_command
check_snmp!public!ifOperStatus.2! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
at9924_description Port 3 Link Status krivousova36b_command
check_snmp!public!ifOperStatus.3! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
at9924_description Port 4 Link Status ur39a_command
check_snmp!public!ifOperStatus.4! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
at9924_description Port 5 Link Status ISP-concentrator_command
check_snmp!public!ifOperStatus.5! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
at9924_description Port 6 Link Status isp-server_command
check_snmp!public!ifOperStatus.6! -m RFC1213-MIB
}
<…>
# Monitor bandwidth via MRTG logs
service{generic-service ; Inherit values from a template_name
at9924_description Port 1 Bandwidth Usage ub13_command
traffic_average!/var/www/mrtg/AT-9924/192.168.10.101_1.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
at9924_description Port 2 Bandwidth Usage Lenina-105B_command
traffic_average!/var/www/mrtg/AT-9924/192.168.10.101_2.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
at9924_description Port 3 Bandwidth Usage krivousova36b_command
traffic_average!/var/www/mrtg/AT-9924/192.168.10.101_3.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}service{generic-service ; Inherit values from a
template_name at9924_description Port 4 Bandwidth Usage ur39a_command
traffic_average!/var/www/mrtg/AT-9924/192.168.10.101_4.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
<…>
/etc/nagios3/objects/routers/router_len58a.cfg
host{linux-server_name router_len58aLenina 58a
Router192.168.10.158des3627g_period 24x7_options d,u,r,f_interval 30_groups
admins_enabled 1
}service{local-service ; Name of service template to use_name
router_len58a_description PING_command check_ping!100.0,20%!500.0,60%_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service; Inherit values from a template_name
router_len58a_description Uptime_command check_netapp_uptime
}
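# NRPE-based checks for router_len58a: CPU load, root filesystem free space and
# total process count.
# NOTE(review): the printed listing dropped the leading word of every directive;
# notification_period and notification_interval are the presumed originals
# (check_period / check_interval would fit the same remnants) - confirm against the live file.
define service{
        use                     generic-service
        host_name               router_len58a
        service_description     CPU Load
        check_command           check_nrpe_1arg!check_load
        notification_period     24x7
        notification_options    w,c,r
        notification_interval   30
        contact_groups          admins
        notifications_enabled   1
}

# The closing brace of this definition was missing in the listing; it is restored here.
define service{
        use                     generic-service
        host_name               router_len58a
        service_description     / Free Space
        check_command           check_nrpe_1arg!check_disk1
        notification_period     24x7
        notification_options    w,c,r
        notification_interval   30
        contact_groups          admins
        notifications_enabled   1
}

define service{
        use                     generic-service
        host_name               router_len58a
        service_description     Total Processes
        check_command           check_nrpe_1arg!check_total_procs
        notification_period     24x7
        notification_options    w,c,r
        notification_interval   30
        contact_groups          admins
        notifications_enabled   1
}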
service{generic-service_name router_len58a_description Zombie
Processes_command check_nrpe_1arg!check_zombie_procs_period 24x7_options w,c,r_interval
30_groups admins_enabled 1
}
service{generic-service_name router_len58a_description Memory
Usage_command check_snmp_mem_v1!public!85,70!90,90_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service; Inherit values from a template_name
router_len58a_description DNS_command check_dns
}
/etc/nagios3/objects/routers/des3627g.cfg
host{generic-switch ; Inherit default values from a
template_name des3627g ; The name we're giving to this switchD-Link DES-3627G ;
A longer name associated with the switch192.168.10.111 ; IP address of the
switchrouters ; Host groups this switch is associated with_period 24x7_options
d,u,f,r_interval 30_groups admins_enabled 1
}
# Create a service to PING to switch
service{generic-service ; Inherit values from a template_name
des3627g ; The name of the host the service is associated with_description PING
; The service description_command check_ping!200.0,20%!600.0,60% ; The command
used to monitor the service_check_interval 5 ; Check the service every 5
minutes under normal conditions_check_interval 1 ; Re-check the service every
minute until its final/hard state is determined_period 24x7_options
w,c,r_interval 30_groups admins_enabled 1
}
# Monitor uptime via SNMPservice{generic-service ; Inherit
values from a template_name des3627g_description Uptime_command
check_netapp_uptime
}
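# Monitor port link status via SNMP.
# The first check_snmp argument in each service below is "public", the
# well-known default community string (presumably handed to the plugin as the
# SNMP community by the check_snmp command definition, which this listing does
# not show). A site-specific read-only community, accepted by the switch only
# from the monitoring server's address, keeps the interface table from being
# readable by every host on the management network.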
service{generic-service ; Inherit values from a template_name
des3627g_description Port 1 Link Status_command
check_snmp!public!ifOperStatus.1! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 2 Link Status_command
check_snmp!public!ifOperStatus.2! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 3 Link Status_command
check_snmp!public!ifOperStatus.3! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 4 Link Status_command check_snmp!public!ifOperStatus.4!
-m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 5 Link Status_command
check_snmp!public!ifOperStatus.5! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 6 Link Status_command
check_snmp!public!ifOperStatus.6! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 7 Link Status_command
check_snmp!public!ifOperStatus.7! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 8 Link Status_command
check_snmp!public!ifOperStatus.8! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 9 Link Status_command
check_snmp!public!ifOperStatus.9! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 10 Link Status_command
check_snmp!public!ifOperStatus.10! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 11 Link Status_command
check_snmp!public!ifOperStatus.11! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 12 Link Status ugmk-router_command
check_snmp!public!ifOperStatus.12! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 21 Link Status_command
check_snmp!public!ifOperStatus.21! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 22 Link Status_command
check_snmp!public!ifOperStatus.22! -m RFC1213-MIB
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 23 Link Status_command
check_snmp!public!ifOperStatus.23! -m RFC1213-MIB
}
# Monitor bandwidth via MRTG logs
service{generic-service ; Inherit values from a template_name
des3627g_description Port 1 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_1.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 2 Bandwidth Usage_command traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_2.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 3 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_3.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 4 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_4.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 5 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_5.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 6 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_6.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 8 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_8.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 9 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_9.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 10 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_10.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}service{generic-service ; Inherit values from a
template_name des3627g_description Port 11 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_11.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 12 Bandwidth Usage_command traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_12.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 21 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_21.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 22 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_22.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
service{generic-service ; Inherit values from a template_name
des3627g_description Port 23 Bandwidth Usage_command
traffic_average!/var/www/mrtg/DES-3627G/192.168.10.111_23.log!AVG!80000000,90000000!100000000,120000000!10_period
24x7_options w,c,r_interval 30_groups admins_enabled 1
}
/etc/nagios/nrpe.cfg
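#############################################################################
# This is the configuration file for the NRPE daemon. It needs to be
# located on the remote host that is running the NRPE daemon, not the host
# from which the check_nrpe client is being executed.
#
# Directive names and the leading '#' of wrapped comment lines were restored
# from the truncated listing; all values are unchanged.
#############################################################################

# PID FILE
# The name of the file in which the NRPE daemon should write its process ID
# number. The file is only written if the NRPE daemon is started by the root
# user and is running in standalone mode.

pid_file=/var/run/nrpe.pid

# PORT NUMBER
# Port number we should wait for connections on.
# NOTE: This must be a non-privileged port (i.e. > 1024).
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd

server_port=5666

# SERVER ADDRESS
# Address that nrpe should bind to in case there are more than one interface
# and you do not want nrpe to bind on all interfaces.
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd

server_address=192.168.10.214

# NRPE USER
# This determines the effective user that the NRPE daemon should run as.
# You can either supply a username or a UID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd

nrpe_user=nagios

# NRPE GROUP
# This determines the effective group that the NRPE daemon should run as.
# You can either supply a group name or a GID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd

nrpe_group=nagios

# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd

allowed_hosts=127.0.0.1,192.168.10.2

# COMMAND ARGUMENT PROCESSING
# This option determines whether or not the NRPE daemon will allow clients
# to specify arguments to commands that are executed. This option only works
# if the daemon was configured with the --enable-command-args configure script
# option.
#
# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
# Read the SECURITY file for information on some of the security implications
# of enabling this variable.
#
# Values: 0=do not allow arguments, 1=allow command arguments
#
# Kept at 0 here: every active command definition below carries hardcoded
# arguments, so a client can only select a command by name.

dont_blame_nrpe=0

# COMMAND PREFIX
# This option allows you to prefix all commands with a user-defined string.
# A space is automatically added between the specified prefix string and the
# command line from the command definition.
#
# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
# Usage scenario:
# Execute restricted commands using sudo. For this to work, you need to add
# the nagios user to your /etc/sudoers. An example entry for allowing
# execution of the plugins might be:
#
# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
#
# This lets the nagios user run all commands in that directory (and only them)
# without asking for a password. If you do this, make sure you don't give
# random users write access to that directory or its contents!

# command_prefix=/usr/bin/sudo

# DEBUGGING OPTION
# This option determines whether or not debugging messages are logged to the
# syslog facility.
# Values: 0=debugging off, 1=debugging on

debug=0

# COMMAND TIMEOUT
# This specifies the maximum number of seconds that the NRPE daemon will
# allow plugins to finish executing before killing them off.

command_timeout=60

# WEAK RANDOM SEED OPTION
# This directive allows you to use SSL even if your system does not have
# a /dev/random or /dev/urandom (on purpose or because the necessary patches
# were not applied). The random number generator will be seeded from a file
# which is either a file pointed to by the environment variable $RANDFILE
# or $HOME/.rnd. If neither exists, the pseudo random number generator will
# be initialized and a warning will be issued.
# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness

#allow_weak_random_seed=1

# INCLUDE CONFIG FILE
# This directive allows you to include definitions from an external config file.

#include=<somefile.cfg>

# INCLUDE CONFIG DIRECTORY
# This directive allows you to include definitions from config files (with a
# .cfg extension) in one or more directories (with recursion).

#include_dir=<somedirectory>
#include_dir=<someotherdirectory>

# COMMAND DEFINITIONS
# Command definitions that this daemon will run. Definitions
# are in the following format:
#
# command[<command_name>]=<command_line>
#
# When the daemon receives a request to return the results of <command_name>
# it will execute the command specified by the <command_line> argument.
#
# Unlike Nagios, the command line cannot contain macros - it must be
# typed exactly as it should be executed.
#
# Note: Any plugins that are used in the command lines must reside
# on the machine that this daemon is running on! The examples below
# assume that you have plugins installed in a /usr/local/nagios/libexec
# directory. Also note that you will have to modify the definitions below
# to match the argument format the plugins expect. Remember, these are
# examples only!

# The following examples use hardcoded command arguments...

command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
# NOTE(review): check_disk reads thresholds without a '%' sign as units of
# free space (MB by default), not percent - confirm 20/10 is what is intended.
command[check_disk1]=/usr/lib/nagios/plugins/check_disk -w 20 -c 10 -p /dev/md1
command[check_disk2]=/usr/lib/nagios/plugins/check_disk -w 20 -c 10 -p /dev/md3
# NOTE(review): with -s Z these thresholds count zombie processes only; at
# 17000/18000 the check will practically never leave OK - confirm intended.
command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 17000 -c 18000 -s Z
command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 17000 -c 20000
command[check_swap]=/usr/lib/nagios/plugins/check_swap -w 20 -c 10
command[check_raid]=/usr/lib/nagios/plugins/check_linux_raid md1

# The following examples allow user-supplied arguments and can
# only be used if the NRPE daemon was compiled with support for
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'...

#command[check_users]=/usr/lib/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
#command[check_load]=/usr/lib/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
#command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$

#
# local configuration:
# if you'd prefer, you can instead place directives here
include=/etc/nagios/nrpe_local.cfg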
Приложение И
Исходные тексты плагинов, не идущих в поставке с
пакетом ядра системы.
/usr/lib/nagios/plugins/check_snmp_load.pl
#!/usr/bin/perl -w
# nagios: -epn
############################## check_snmp_load
#################$Version='1.12';
#
# Help : ./check_snmp_load.pl -h
#
strict;Net::SNMP;Getopt::Long;
# Nagios specific
$TIMEOUT =
15;%ERRORS=('OK'=>0,'WARNING'=>1,'CRITICAL'=>2,'UNKNOWN'=>3,'DEPENDENT'=>4);
# SNMP Datas
# Generic with host-ressource-mib$base_proc =
"1.3.6.1.2.1.25.3.3.1"; # oid for all proc info$proc_id =
"1.3.6.1.2.1.25.3.3.1.1"; # list of processors (product ID)$proc_load
= "1.3.6.1.2.1.25.3.3.1.2"; # %time the proc was not idle over last
minute
# Linux load
$linload_table= "1.3.6.1.4.1.2021.10.1"; # net-snmp
load table$linload_name = "1.3.6.1.4.1.2021.10.1.2"; # text
'Load-1','Load-5', 'Load-15'$linload_load =
"1.3.6.1.4.1.2021.10.1.3"; # effective load table
# Cisco cpu/load
$cisco_cpu_5m = "1.3.6.1.4.1.9.2.1.58.0"; # Cisco
CPU load (5min %)$cisco_cpu_1m = "1.3.6.1.4.1.9.2.1.57.0"; # Cisco
CPU load (1min %)$cisco_cpu_5s = "1.3.6.1.4.1.9.2.1.56.0"; # Cisco
CPU load (5sec %)
# Cisco catalyst cpu/load
$ciscocata_cpu_5m = ".1.3.6.1.4.1.9.9.109.1.1.1.1.5.9";
# Cisco CPU load (5min %)$ciscocata_cpu_1m =
".1.3.6.1.4.1.9.9.109.1.1.1.1.3.9"; # Cisco CPU load (1min
%)$ciscocata_cpu_5s = ".1.3.6.1.4.1.9.9.109.1.1.1.1.4.9"; # Cisco CPU
load (5sec %)
# Netscreen cpu/load
$nsc_cpu_5m = "1.3.6.1.4.1.3224.16.1.4.0"; # NS CPU
load (5min %)$nsc_cpu_1m = "1.3.6.1.4.1.3224.16.1.2.0"; # NS CPU load
(1min %)$nsc_cpu_5s = "1.3.6.1.4.1.3224.16.1.3.0"; # NS CPU load
(5sec %)
# AS/400 CPU
$as400_cpu = "1.3.6.1.4.1.2.6.4.5.1.0"; # AS400 CPU
load (10000=100%);
# Net-SNMP CPU
$ns_cpu_idle = "1.3.6.1.4.1.2021.11.11.0"; #
Net-snmp cpu idle$ns_cpu_user = "1.3.6.1.4.1.2021.11.9.0"; # Net-snmp
user cpu usage$ns_cpu_system = "1.3.6.1.4.1.2021.11.10.0"; # Net-snmp
system cpu usage
# Procurve CPU$procurve_cpu =
"1.3.6.1.4.1.11.2.14.11.5.1.9.6.1.0"; # Procurve CPU Counter
# Nokia CPU$nokia_cpu =
"1.3.6.1.4.1.94.1.21.1.7.1.0"; # Nokia CPU % usage
# Bluecoat Appliance$bluecoat_cpu =
"1.3.6.1.4.1.3417.2.4.1.1.1.4.1"; # Bluecoat %cpu usage.
# Fortigate CPU$fortigate_cpu =
".1.3.6.1.4.1.12356.1.8.0"; # Fortigate CPU % usage
# Linkproof Appliance$linkproof_cpu=
"1.3.6.1.4.1.89.35.1.55.0"; # CPU RE (Routing Engine Tasks)
# 1.3.6.1.4.1.89.35.1.53.0 : Ressource utilisation (%)
Considers network utilization and internal CPU utilization
# 1.3.6.1.4.1.89.35.1.54 : CPU only (%)
# 1.3.6.1.4.1.89.35.1.55 : network only (%)
# HP-UX cpu usage (thanks to krizb for the
OIDs).$hpux_load_1_min="1.3.6.1.4.1.11.2.3.1.1.3.0";$hpux_load_5_min="1.3.6.1.4.1.11.2.3.1.1.4.0";$hpux_load_15_min="1.3.6.1.4.1.11.2.3.1.1.5.0";
# valid values@valid_types =
("stand","netsc","netsl","as400","cisco","cata","nsc","fg","bc","nokia","hp","lp","hpux");
# CPU OID array%cpu_oid =
("netsc",$ns_cpu_idle,"as400",$as400_cpu,"bc",$bluecoat_cpu,"nokia",$nokia_cpu,"hp",$procurve_cpu,"lp",$linkproof_cpu,"fg",$fortigate_cpu);
# Globals
$o_host = undef; # hostname$o_community = undef; #
community$o_port = 161; # port$o_help= undef; # wan't some help ?$o_verb=
undef; # verbose mode$o_version= undef; # print version
# check type : stand | netsc | netsl | as400 | cisco | cata |
nsc | fg | bc | nokia | hp | lp | hpux$o_check_type= "stand";
# End compatibility$o_warn= undef; # warning level@o_warnL=
undef; # warning levels for Linux Load or Cisco CPU$o_crit= undef; # critical
level@o_critL= undef; # critical level for Linux Load or Cisco CPU$o_timeout=
undef; # Timeout (Default 5)$o_perf= undef; # Output performance
data$o_version2= undef; # use snmp v2c
# SNMPv3 specific$o_login= undef; # Login for
snmpv3$o_passwd= undef; # Pass for snmpv3$v3protocols=undef; # V3 protocol
list.$o_authproto='md5'; # Auth protocol$o_privproto='des'; # Priv
protocol$o_privpass= undef; # priv password
# functions
p_version { print "check_snmp_load version :
$Version\n"; }
print_usage {"Usage: $0 [-v] -H <host> -C
<snmp_community> [-2] | (-l login -x passwd [-X pass -L
<authp>,<privp>]) [-p <port>] -w <warn level> -c
<crit level> -T=[stand|netsl|netsc|as400|cisco|cata|nsc|fg|bc|nokia|hp|lp|hpux]
[-f] [-t <timeout>] [-V]\n";
}
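sub isnnum {
  # Return true (1) if the argument is NOT a plain non-negative decimal
  # number, false (0) if it is. Accepted forms: "5", "5.", "5.25", ".5".
  #
  # The script calls this on the -t, -w and -c values before comparing them
  # numerically, so it is the only validation those option strings get.
  #
  # The alternation is grouped so that both anchors apply to both branches.
  # Ungrouped, /^(\d+\.?\d*)|(^\.\d+)$/ parses as "starts with digits" OR
  # "is .digits", which accepted any string that merely begins with a digit
  # (for example "5abc").
  my $num = shift;
  return 1 unless defined $num;
  if ( $num =~ /^(?:\d+\.?\d*|\.\d+)$/ ) { return 0; }
  return 1;
}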
help {"\nSNMP Load & CPU Monitor for Nagios version
",$Version,"\n";"GPL licence, (c)2004-2007 Patrick
Proy\n\n";_usage();<<EOT;
v, --verboseextra debugging information
h, --helpthis help message
H, --hostname=HOSTor IP address of host to check
C, --community=COMMUNITY NAMEname for the host's SNMP agent
(implies v1 protocol)
, --v2csnmp v2c
l, --login=LOGIN ; -x, --passwd=PASSWDand auth password for
snmpv3 authenticationno priv password exists, implies AuthNoPriv
X, --privpass=PASSWDpassword for snmpv3 (AuthPriv protocol)
L, --protocols=<authproto>,<privproto>
<authproto> : Authentication protocol (md5|sha :
default md5)
<privproto> : Priv protocole (des|aes : default des)
P, --port=PORTport (Default 161)
w, --warn=INTEGER | INT,INT,INT
value check : warning level for cpu in percent (on one
minute)
value check : comma separated level for load or cpu for 1min,
5min, 15min
c, --crit=INTEGER | INT,INT,INTlevel for cpu in percent (on
one minute)
value check : critical level for cpu in percent (on one
minute)
value check : comma separated level for load or cpu for 1min,
5min, 15min
T, --type=stand|netsl|netsc|as400|cisco|bc|nokia|hp|lpcheck
:: standard MIBII (works with Windows),handle multiple CPU.: linux load
provided by Net SNMP (1,5 & 15 minutes values): cpu usage given by net-snmp
(100-idle): as400 CPU usage: Cisco CPU usage: Cisco catalyst CPU usage:
NetScreen CPU usage: Fortigate CPU usage: Bluecoat CPU usage: Nokia CPU usage:
HP procurve switch CPU usage: Linkproof CPU usage: HP-UX load (1,5 & 15
minutes values)
f, --perfparsecompatible output
t, --timeout=INTEGERfor SNMP in seconds (Default: 5)
V, --versionversion number
}
# For verbose outputverb { my $t=shift; print
$t,"\n" if defined($o_verb) ; }
check_options {::Long::Configure ("bundling");(
'v' => \$o_verb, 'verbose' => \$o_verb,
'h' => \$o_help, 'help' => \$o_help,
'H:s' => \$o_host, 'hostname:s' => \$o_host,
'p:i' => \$o_port, 'port:i' => \$o_port,
'C:s' => \$o_community, 'community:s' => \$o_community,
'l:s' => \$o_login, 'login:s' => \$o_login,
'x:s' => \$o_passwd, 'passwd:s' => \$o_passwd,
'X:s' => \$o_privpass, 'privpass:s' => \$o_privpass,
'L:s' => \$v3protocols, 'protocols:s' => \$v3protocols,
't:i' => \$o_timeout, 'timeout:i' => \$o_timeout,
'V' => \$o_version, 'version' => \$o_version,
'2' => \$o_version2, 'v2c' => \$o_version2,
'c:s' => \$o_crit, 'critical:s' => \$o_crit,
'w:s' => \$o_warn, 'warn:s' => \$o_warn,
'f' => \$o_perf, 'perfparse' => \$o_perf,
'T:s' => \$o_check_type, 'type:s' => \$o_check_type
);
# check the -T option$T_option_valid=0;(@valid_types) { if
($_ eq $o_check_type) {$T_option_valid=1} };( $T_option_valid == 0 )
{print "Invalid check type (-T)!\n"; print_usage();
exit $ERRORS{"UNKNOWN"}}
# Basic checks(defined($o_timeout) &&
(isnnum($o_timeout) || ($o_timeout < 2) || ($o_timeout > 60)))
{ print "Timeout must be >1 and <60 !\n"; print_usage();
exit $ERRORS{"UNKNOWN"}}(!defined($o_timeout))
{$o_timeout=5;}(defined ($o_help) ) { help(); exit
$ERRORS{"UNKNOWN"}};(defined($o_version)) { p_version(); exit
$ERRORS{"UNKNOWN"}};( ! defined($o_host) ) # check host and filter
{ print_usage(); exit $ERRORS{"UNKNOWN"}}
# check snmp information( !defined($o_community) &&
(!defined($o_login) || !defined($o_passwd)) )
{ print "Put snmp login info!\n"; print_usage();
exit $ERRORS{"UNKNOWN"}}((defined($o_login) || defined($o_passwd))
&& (defined($o_community) || defined($o_version2)) )
{ print "Can't mix snmp v1,2c,3 protocols!\n";
print_usage(); exit $ERRORS{"UNKNOWN"}}(defined ($v3protocols))
{(!defined($o_login)) { print "Put snmp V3 login info with
protocols!\n"; print_usage(); exit
$ERRORS{"UNKNOWN"}}@v3proto=split(/,/,$v3protocols);((defined
($v3proto[0])) && ($v3proto[0] ne ""))
{$o_authproto=$v3proto[0]; } # Auth protocol(defined ($v3proto[1]))
{$o_privproto=$v3proto[1]; } # Priv protocol((defined ($v3proto[1])) &&
(!defined($o_privpass))) {"Put snmp V3 priv login info with priv
protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
}
# Check warnings and critical(!defined($o_warn) ||
!defined($o_crit))
{ print "put warning and critical info!\n";
print_usage(); exit $ERRORS{"UNKNOWN"}}
# Get rid of % sign
$o_warn =~ s/\%//g;
$o_crit =~ s/\%//g;
# Check for multiple warning and crit in case of
-L(($o_check_type eq "netsl") || ($o_check_type eq "cisco")
|| ($o_check_type eq "cata") ||
($o_check_type eq "nsc") || ($o_check_type eq
"hpux")) {
@o_warnL=split(/,/ , $o_warn);
@o_critL=split(/,/ , $o_crit);(($#o_warnL != 2) || ($#o_critL
!= 2))
{ print "3 warnings and critical
!\n";print_usage(); exit $ERRORS{"UNKNOWN"}}(my
$i=0;$i<3;$i++) {( isnnum($o_warnL[$i]) || isnnum($o_critL[$i]))
{ print "Numeric value for warning or critical
!\n";print_usage(); exit $ERRORS{"UNKNOWN"}}($o_warnL[$i] >
$o_critL[$i])
{ print "warning <= critical !
\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
}
} else {(($o_warn =~ /,/) || ($o_crit =~ /,/)) {
{ print "Multiple warning/critical levels not available
for this check\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
}( isnnum($o_warn) || isnnum($o_crit) )
{ print "Numeric value for warning or critical
!\n";print_usage(); exit $ERRORS{"UNKNOWN"}}($o_warn >
$o_crit)
{ print "warning <= critical !
\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
}
}
########## MAIN #######
_options();
# Check gobal timeout if snmp screws up(defined($TIMEOUT))
{("Alarm at $TIMEOUT + 5");($TIMEOUT+5);
} else {("no global timeout defined : $o_timeout +
10");($o_timeout+10);
}
$SIG{'ALRM'} = sub {"No answer from
host\n";$ERRORS{"UNKNOWN"};
};
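# Connect to host.
# Opens one Net::SNMP session, choosing the protocol from the options parsed
# earlier: SNMPv3 when both a login and an auth password were given,
# otherwise v2c when -2 was given, otherwise v1. On failure the script prints
# the Net::SNMP error and exits UNKNOWN.
#
# The -p port is now passed to the SNMPv3 sessions as well; previously only
# the v1/v2c sessions received it, so -p was silently ignored for v3.
#
# Verbose output logs the login name and protocol names only, never the
# passphrases or the community string.
my ($session, $error);
if ( defined($o_login) && defined($o_passwd) ) {
  # SNMPv3 login
  verb("SNMPv3 login");
  if ( !defined($o_privpass) ) {
    # No privacy passphrase: authentication only, payload is not encrypted.
    verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
    ($session, $error) = Net::SNMP->session(
      hostname     => $o_host,
      port         => $o_port,
      version      => '3',
      username     => $o_login,
      authpassword => $o_passwd,
      authprotocol => $o_authproto,
      timeout      => $o_timeout
    );
  } else {
    # Authentication and privacy. The protocols come from -L; without -L the
    # script's defaults (md5 / des, set with the other globals) are used, so
    # pass -L sha,aes where the agent supports it.
    verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
    ($session, $error) = Net::SNMP->session(
      hostname     => $o_host,
      port         => $o_port,
      version      => '3',
      username     => $o_login,
      authpassword => $o_passwd,
      authprotocol => $o_authproto,
      privpassword => $o_privpass,
      privprotocol => $o_privproto,
      timeout      => $o_timeout
    );
  }
} else {
  # v1 and v2c authenticate with the community string alone, which is sent
  # unencrypted.
  if ( defined($o_version2) ) {
    # SNMPv2 Login
    verb("SNMP v2c login");
    ($session, $error) = Net::SNMP->session(
      hostname  => $o_host,
      version   => 2,
      community => $o_community,
      port      => $o_port,
      timeout   => $o_timeout
    );
  } else {
    # SNMPV1 login
    verb("SNMP v1 login");
    ($session, $error) = Net::SNMP->session(
      hostname  => $o_host,
      community => $o_community,
      port      => $o_port,
      timeout   => $o_timeout
    );
  }
}
if ( !defined($session) ) {
  printf("ERROR opening session: %s.\n", $error);
  exit $ERRORS{"UNKNOWN"};
}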
$exit_val=undef;
########### Linux load check ##############
($o_check_type eq "netsl") {
("Checking linux load");
# Get load table$resultat = (Net::SNMP->VERSION < 4) ?
$session->get_table($linload_table)
: $session->get_table(Baseoid => $linload_table);
(!defined($resultat)) {("ERROR: Description table :
%s.\n", $session->error);
$session->close;$ERRORS{"UNKNOWN"};
}
$session->close;
@load = undef;@iload = undef;@oid=undef;$exist=0;my $key (
keys %$resultat) {("OID : $key, Desc : $$resultat{$key}");( $key =~
/$linload_name/ ) {
@oid=split (/\./,$key);
$iload[0]= pop(@oid) if ($$resultat{$key} eq
"Load-1");
$iload[1]= pop(@oid) if ($$resultat{$key} eq
"Load-5");
$iload[2]= pop(@oid) if ($$resultat{$key} eq "Load-15");
$exist=1
}
}
($exist == 0) {"Can't find snmp information on load :
UNKNOWN\n";$ERRORS{"UNKNOWN"};
}
(my $i=0;$i<3;$i++) { $load[$i] = $$resultat{$linload_load
. "." . $iload[$i]}};
"Load : $load[0] $load[1] $load[2] :";
$exit_val=$ERRORS{"OK"};(my $i=0;$i<3;$i++) {(
$load[$i] > $o_critL[$i] ) {" $load[$i] > $o_critL[$i] :
CRITICAL";
$exit_val=$ERRORS{"CRITICAL"};
}( $load[$i] > $o_warnL[$i] ) {
# output warn error only if no critical was found($exit_val
eq $ERRORS{"OK"}) {" $load[$i] > $o_warnL[$i] :
WARNING";
$exit_val=$ERRORS{"WARNING"};
}
}
}" OK" if ($exit_val eq
$ERRORS{"OK"});(defined($o_perf)) {" |
load_1_min=$load[0];$o_warnL[0];$o_critL[0]
";"load_5_min=$load[1];$o_warnL[1];$o_critL[1]
";"load_15_min=$load[2];$o_warnL[2];$o_critL[2]\n";
} else {"\n";
}$exit_val;
}
############## Cisco CPU check ################
($o_check_type eq "cisco") {@oidlists =
($cisco_cpu_5m, $cisco_cpu_1m, $cisco_cpu_5s);$resultat =
(Net::SNMP->VERSION < 4) ?
$session->get_request(@oidlists)
: $session->get_request(-varbindlist => \@oidlists);
(!defined($resultat)) {("ERROR: Description table :
%s.\n", $session->error);
$session->close;$ERRORS{"UNKNOWN"};
}
$session->close;
(!defined ($$resultat{$cisco_cpu_5s})) {"No CPU
information : UNKNOWN\n";$ERRORS{"UNKNOWN"};
}
@load = undef;
$load[0]=$$resultat{$cisco_cpu_5s};
$load[1]=$$resultat{$cisco_cpu_1m};
$load[2]=$$resultat{$cisco_cpu_5m};
"CPU : $load[0] $load[1] $load[2] :";
$exit_val=$ERRORS{"OK"};(my $i=0;$i<3;$i++) {(
$load[$i] > $o_critL[$i] ) {" $load[$i] > $o_critL[$i] :
CRITICAL";
$exit_val=$ERRORS{"CRITICAL"};
}( $load[$i] > $o_warnL[$i] ) {
# output warn error only if no critical was found($exit_val
eq $ERRORS{"OK"}) {" $load[$i] > $o_warnL[$i] :
WARNING";
$exit_val=$ERRORS{"WARNING"};
}
}
}" OK" if ($exit_val eq
$ERRORS{"OK"});(defined($o_perf)) {" |
load_5_sec=$load[0]%;$o_warnL[0];$o_critL[0]
";"load_1_min=$load[1]%;$o_warnL[1];$o_critL[1]
";"load_5_min=$load[2]%;$o_warnL[2];$o_critL[2]\n";
} else {"\n";
}
$exit_val;
}
############## Cisco Catalyst CPU check ################
($o_check_type eq "cata") {@oidlists =
($ciscocata_cpu_5m, $ciscocata_cpu_1m, $ciscocata_cpu_5s);$resultat =
(Net::SNMP->VERSION < 4) ?
$session->get_request(@oidlists)
: $session->get_request(-varbindlist => \@oidlists);
(!defined($resultat)) {("ERROR: Description table :
%s.\n", $session->error);
$session->close;$ERRORS{"UNKNOWN"};
}
$session->close;
(!defined ($$resultat{$ciscocata_cpu_5s})) {"No CPU
information : UNKNOWN\n";$ERRORS{"UNKNOWN"};
}
@load = undef;
$load[0]=$$resultat{$ciscocata_cpu_5s};
$load[1]=$$resultat{$ciscocata_cpu_1m};
$load[2]=$$resultat{$ciscocata_cpu_5m};
"CPU : $load[0] $load[1] $load[2] :";
$exit_val=$ERRORS{"OK"};(my $i=0;$i<3;$i++) {(
$load[$i] > $o_critL[$i] ) {" $load[$i] > $o_critL[$i] :
CRITICAL";
$exit_val=$ERRORS{"CRITICAL"};
}( $load[$i] > $o_warnL[$i] ) {
# output warn error only if no critical was found($exit_val
eq $ERRORS{"OK"}) {" $load[$i] > $o_warnL[$i] :
WARNING";
$exit_val=$ERRORS{"WARNING"};
}
}
}" OK" if ($exit_val eq
$ERRORS{"OK"});(defined($o_perf)) {" |
load_5_sec=$load[0]%;$o_warnL[0];$o_critL[0]
";"load_1_min=$load[1]%;$o_warnL[1];$o_critL[1]
";"load_5_min=$load[2]%;$o_warnL[2];$o_critL[2]\n";
} else {"\n";
}
$exit_val;
}
############## Netscreen CPU check ################
($o_check_type eq "nsc") {@oidlists = ($nsc_cpu_5m,
$nsc_cpu_1m, $nsc_cpu_5s);$resultat = (Net::SNMP->VERSION < 4) ?
$session->get_request(@oidlists)
: $session->get_request(-varbindlist =>
\@oidlists);(!defined($resultat)) {("ERROR: Description table :
%s.\n", $session->error);
$session->close;$ERRORS{"UNKNOWN"};
}
$session->close;
(!defined ($$resultat{$nsc_cpu_5s})) {"No CPU
information : UNKNOWN\n";$ERRORS{"UNKNOWN"};
}
@load = undef;
$load[0]=$$resultat{$nsc_cpu_5s};
$load[1]=$$resultat{$nsc_cpu_1m};
$load[2]=$$resultat{$nsc_cpu_5m};
"CPU : $load[0] $load[1] $load[2] :";
$exit_val=$ERRORS{"OK"};(my $i=0;$i<3;$i++) {(
$load[$i] > $o_critL[$i] ) {" $load[$i] > $o_critL[$i] :
CRITICAL";
$exit_val=$ERRORS{"CRITICAL"};
}( $load[$i] > $o_warnL[$i] ) {
# output warn error only if no critical was found($exit_val
eq $ERRORS{"OK"}) {" $load[$i] > $o_warnL[$i] :
WARNING";
$exit_val=$ERRORS{"WARNING"};
}
}
}" OK" if ($exit_val eq
$ERRORS{"OK"});(defined($o_perf)) {" |
cpu_5_sec=$load[0]%;$o_warnL[0];$o_critL[0]
";"cpu_1_min=$load[1]%;$o_warnL[1];$o_critL[1]
";"cpu_5_min=$load[2]%;$o_warnL[2];$o_critL[2]\n";
} else {"\n";
}
$exit_val;
}
################## CPU for : AS/400 , Netsnmp, HP, Bluecoat,
linkproof, fortigate ###########( $o_check_type =~
/netsc|as400|bc|nokia|^hp$|lp|fg/ ) {
# Get load table@oidlist =
$cpu_oid{$o_check_type};("Checking OID : @oidlist");$resultat =
(Net::SNMP->VERSION < 4) ?
$session->get_request(@oidlist)
: $session->get_request(-varbindlist =>
\@oidlist);(!defined($resultat)) {("ERROR: Description table :
%s.\n", $session->error);
$session->close;$ERRORS{"UNKNOWN"};
}
$session->close;
(!defined ($$resultat{$cpu_oid{$o_check_type}})) {"No
CPU information : UNKNOWN\n";$ERRORS{"UNKNOWN"};
}
$load=$$resultat{$cpu_oid{$o_check_type}};("OID returned
$load");
# for AS400, divide by 100($o_check_type eq
"as400") {$load /= 100; };
# for Net-snmp : oid returned idle time so load =
100-idle.($o_check_type eq "netsc") {$load = 100 - $load; };
("CPU used %.1f%% (",$load);
$exit_val=$ERRORS{"OK"};($load > $o_crit)
{">$o_crit) : CRITICAL";
$exit_val=$ERRORS{"CRITICAL"};
} else {($load > $o_warn) {">$o_warn) :
WARNING";
$exit_val=$ERRORS{"WARNING"};
}
}"<$o_warn) : OK" if ($exit_val eq
$ERRORS{"OK"});
(defined($o_perf)) ?" |
cpu_prct_used=$load%;$o_warn;$o_crit\n"
: print "\n";$exit_val;
}
##### Checking hpux load($o_check_type eq "hpux") {
("Checking hpux load");
@oidlists = ($hpux_load_1_min, $hpux_load_5_min,
$hpux_load_15_min);$resultat = (Net::SNMP->VERSION < 4) ?
$session->get_request(@oidlists)
: $session->get_request(-varbindlist => \@oidlists);
(!defined($resultat)) {("ERROR: Load table :
%s.\n", $session->error);
$session->close;$ERRORS{"UNKNOWN"};
}
$session->close;
(!defined ($$resultat{$hpux_load_1_min})) {"No Load
information : UNKNOWN\n";$ERRORS{"UNKNOWN"};
}
@load = undef;
$load[0]=$$resultat{$hpux_load_1_min}/100;
$load[1]=$$resultat{$hpux_load_5_min}/100;
$load[2]=$$resultat{$hpux_load_15_min}/100;
"Load : $load[0] $load[1] $load[2] :";
$exit_val=$ERRORS{"OK"};(my $i=0;$i<3;$i++) {(
$load[$i] > $o_critL[$i] ) {" $load[$i] > $o_critL[$i] :
CRITICAL";
$exit_val=$ERRORS{"CRITICAL"};
}( $load[$i] > $o_warnL[$i] ) {
# output warn error only if no critical was found($exit_val
eq $ERRORS{"OK"}) {" $load[$i] > $o_warnL[$i] :
WARNING";
$exit_val=$ERRORS{"WARNING"};
}
}
}" OK" if ($exit_val eq
$ERRORS{"OK"});(defined($o_perf)) {" |
load_1_min=$load[0]%;$o_warnL[0];$o_critL[0]
";"load_5_min=$load[1]%;$o_warnL[1];$o_critL[1]
";"load_15_min=$load[2]%;$o_warnL[2];$o_critL[2]\n";
} else {"\n";
}
$exit_val;
}
########## Standard cpu usage check ############
# Get desctiption table$resultat = (Net::SNMP->VERSION
< 4) ?
$session->get_table($base_proc)
: $session->get_table(Baseoid => $base_proc);
(!defined($resultat)) {("ERROR: Description table :
%s.\n", $session->error);
$session->close;$ERRORS{"UNKNOWN"};
}
$session->close;
($cpu_used,$ncpu)=(0,0);my $key ( keys %$resultat)
{("OID : $key, Desc : $$resultat{$key}");( $key =~ /$proc_load/) {
$cpu_used += $$resultat{$key};
$ncpu++;
}
}
($ncpu==0) {"Can't find CPU usage information :
UNKNOWN\n";$ERRORS{"UNKNOWN"};
}
$cpu_used /= $ncpu;"$ncpu CPU, ", $ncpu==1 ?
"load" : "average load";(" %.1f%%",$cpu_used);
$exit_val=$ERRORS{"OK"};
($cpu_used > $o_crit) {" > $o_crit% :
CRITICAL";
$exit_val=$ERRORS{"CRITICAL"};
} else {($cpu_used > $o_warn) {" > $o_warn% :
WARNING";
$exit_val=$ERRORS{"WARNING"};
}
}" < $o_warn% : OK" if ($exit_val eq
$ERRORS{"OK"});
(defined($o_perf)) ?" | cpu_prct_used=$cpu_used%;$o_warn;$o_crit\n"
: print "\n";$exit_val;
/usr/lib/nagios/plugins/check_snmp_mem.pl
#!/usr/bin/perl -w
# nagios: -epn
############################## check_snmp_mem ##############
#
# Help : ./check_snmp_mem.pl -h
#
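use strict;
use Net::SNMP;
use Getopt::Long;

# Nagios specific
use lib "/usr/lib/nagios/plugins";
use utils qw(%ERRORS $TIMEOUT);
#my $TIMEOUT = 15;
#my %ERRORS=('OK'=>0,'WARNING'=>1,'CRITICAL'=>2,'UNKNOWN'=>3,'DEPENDENT'=>4);

# SNMP Datas

# Net-snmp memory
my $nets_ram_free   = "1.3.6.1.4.1.2021.4.6.0";  # Real memory free
my $nets_ram_total  = "1.3.6.1.4.1.2021.4.5.0";  # Real memory total
my $nets_ram_cache  = "1.3.6.1.4.1.2021.4.15.0"; # Real memory cached
my $nets_swap_free  = "1.3.6.1.4.1.2021.4.4.0";  # swap memory free
my $nets_swap_total = "1.3.6.1.4.1.2021.4.3.0";  # Swap memory total
my @nets_oids = ($nets_ram_free,$nets_ram_total,$nets_swap_free,$nets_swap_total,$nets_ram_cache);

# Cisco
my $cisco_mem_pool = "1.3.6.1.4.1.9.9.48.1.1.1";   # Cisco memory pool
my $cisco_index    = "1.3.6.1.4.1.9.9.48.1.1.1.2"; # memory pool name and index
my $cisco_valid    = "1.3.6.1.4.1.9.9.48.1.1.1.4"; # Valid memory if 1
my $cisco_used     = "1.3.6.1.4.1.9.9.48.1.1.1.5"; # Used memory
my $cisco_free     = "1.3.6.1.4.1.9.9.48.1.1.1.6"; # Free memory
# .1 : type, .2 : name, .3 : alternate, .4 : valid, .5 : used, .6 : free, .7 : max free

# HP Procurve
my $hp_mem_pool     = "1.3.6.1.4.1.11.2.14.11.5.1.1.2.2.1.1";   # HP memory pool
my $hp_mem_index    = "1.3.6.1.4.1.11.2.14.11.5.1.1.2.2.1.1.1"; # memory slot index
my $hp_mem_total    = "1.3.6.1.4.1.11.2.14.11.5.1.1.2.2.1.1.5"; # Total Bytes
my $hp_mem_free     = "1.3.6.1.4.1.11.2.14.11.5.1.1.2.2.1.1.6"; # Free Bytes
my $hp_mem_free_seg = "1.3.6.1.4.1.11.2.14.11.5.1.1.2.2.1.1.3"; # Free segments

# AS/400

# Windows NT/2K/(XP?)
# check_snmp_storage.pl -C <community> -H <hostIP> -m "^Virtual Memory$" -w <warn %> -c <crit %>

# Globals

my $Version='1.1';

my $o_host      = undef; # hostname
my $o_community = undef; # community
my $o_port      = 161;   # port
my $o_help      = undef; # wan't some help ?
my $o_verb      = undef; # verbose mode
my $o_version   = undef; # print version
my $o_netsnmp   = 1;     # Check with netsnmp (default)
my $o_cisco     = undef; # Check cisco router mem
my $o_hp        = undef; # Check hp procurve mem
my $o_warn      = undef; # warning level option
my $o_warnR     = undef; # warning level for Real memory
my $o_warnS     = undef; # warning levels for swap
my $o_crit      = undef; # Critical level option
my $o_critR     = undef; # critical level for Real memory
my $o_critS     = undef; # critical level for swap
my $o_perf      = undef; # Performance data option
my $o_cache     = undef; # Include cached memory as used memory
my $o_timeout   = undef; # Timeout (Default 5)
my $o_version2  = undef; # use snmp v2c
# SNMPv3 specific
# NOTE(review): the login and both passwords are taken from -l/-x/-X on the
# command line, so they appear in the process list of the monitoring host and
# in whatever Nagios command definition embeds them -- confirm how the
# deployment stores these values.
my $o_login     = undef; # Login for snmpv3
my $o_passwd    = undef; # Pass for snmpv3
my $v3protocols = undef; # V3 protocol list.
# md5/des are the weaker of the two choices each that the help text lists for
# -L (md5|sha, des|aes); pass "-L sha,aes" where the agent supports it.
my $o_authproto = 'md5'; # Auth protocol
my $o_privproto = 'des'; # Priv protocol
my $o_privpass  = undef; # priv password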
# functions
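# Print the plugin name and version on one line.
sub p_version { print "check_snmp_mem version : $Version\n"; }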
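# Print the one-line command synopsis ($0 is the name the script was invoked as).
sub print_usage {
    print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-p <port>] -w <warn level> -c <crit level> [-I|-N|-E] [-f] [-m] [-t <timeout>] [-V]\n";
}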
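# Return true (1) if the argument is NOT a plain non-negative decimal number,
# false (0) if it is. Accepted forms: "12", "12.", "12.5", ".5".
sub isnnum {
  my $num = shift;
  # An undefined value is not a number (and would warn in the match below).
  return 1 unless defined($num);
  # The alternation is grouped so that BOTH anchors apply to BOTH forms.
  # Written as /^(\d+\.?\d*)|(^\.\d+)$/ the first alternative has no end
  # anchor, so option values such as "12abc" were accepted as numeric.
  if ( $num =~ /^(?:\d+\.?\d*|\.\d+)$/ ) { return 0; }
  return 1;
}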
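# round(value, digits): format value with the given number of decimal places.
# Returns the string produced by sprintf.
sub round ($$) {
    sprintf "%.$_[1]f", $_[0];
}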
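# Print the banner, the usage synopsis and the description of every option.
# The port option is shown as -p to agree with the 'p:i' entry in GetOptions
# and with print_usage.
sub help {
   print "\nSNMP Memory Monitor for Nagios version ",$Version,"\n";
   print "(c)2004-2006 to my cat Ratoune - Author: Patrick Proy\n\n";
   print_usage();
   print <<EOT;
-v, --verbose
   print extra debugging information (including interface list on the system)
-h, --help
   print this help message
-H, --hostname=HOST
   name or IP address of host to check
-C, --community=COMMUNITY NAME
   community name for the host's SNMP agent (implies SNMP v1 or v2c with option)
-2, --v2c
   Use snmp v2c
-l, --login=LOGIN ; -x, --passwd=PASSWD
   Login and auth password for snmpv3 authentication
   If no priv password exists, implies AuthNoPriv
-X, --privpass=PASSWD
   Priv password for snmpv3 (AuthPriv protocol)
-L, --protocols=<authproto>,<privproto>
   <authproto> : Authentication protocol (md5|sha : default md5)
   <privproto> : Priv protocole (des|aes : default des)
-p, --port=PORT
   SNMP port (Default 161)
-w, --warn=INTEGER | INT,INT
   warning level for memory in percent (0 for no checks)
     Default (-N switch) : comma separated level for Real Memory and Swap
     -I switch : warning level
-c, --crit=INTEGER | INT,INT
   critical level for memory in percent (0 for no checks)
     Default (-N switch) : comma separated level for Real Memory and Swap
     -I switch : critical level
-N, --netsnmp (default)
   check linux memory & swap provided by Net SNMP
-m, --memcache
   include cached memory in used memory (only with Net-SNMP)
-I, --cisco
   check cisco memory (sum of all memory pools)
-E, --hp
   check HP proccurve memory
-f, --perfdata
   Performance data output
-t, --timeout=INTEGER
   timeout for SNMP in seconds (Default: 5)
-V, --version
   prints version number
EOT
}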
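# For verbose output: print the message only when -v/--verbose was given.
sub verb { my $t=shift; print $t,"\n" if defined($o_verb) ; }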
# Get the alarm signal (just in case snmp timout screws up)
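# Handler for the alarm armed in MAIN: report the time-out and leave with the
# UNKNOWN status so a hung SNMP request cannot block the check forever.
$SIG{'ALRM'} = sub {
    print ("ERROR: Alarm signal (Nagios time-out)\n");
    exit $ERRORS{"UNKNOWN"};
};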
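# Parse the command line into the $o_* globals and validate it.
# Every validation failure prints a message plus the usage line and exits with
# the UNKNOWN status; on success the function simply returns.
sub check_options {
    Getopt::Long::Configure ("bundling");
    GetOptions(
        'v'   => \$o_verb,      'verbose'     => \$o_verb,
        'h'   => \$o_help,      'help'        => \$o_help,
        'H:s' => \$o_host,      'hostname:s'  => \$o_host,
        'p:i' => \$o_port,      'port:i'      => \$o_port,
        'C:s' => \$o_community, 'community:s' => \$o_community,
        'l:s' => \$o_login,     'login:s'     => \$o_login,
        'x:s' => \$o_passwd,    'passwd:s'    => \$o_passwd,
        'X:s' => \$o_privpass,  'privpass:s'  => \$o_privpass,
        'L:s' => \$v3protocols, 'protocols:s' => \$v3protocols,
        't:i' => \$o_timeout,   'timeout:i'   => \$o_timeout,
        'V'   => \$o_version,   'version'     => \$o_version,
        'I'   => \$o_cisco,     'cisco'       => \$o_cisco,
        'N'   => \$o_netsnmp,   'netsnmp'     => \$o_netsnmp,
        'E'   => \$o_hp,        'hp'          => \$o_hp,
        '2'   => \$o_version2,  'v2c'         => \$o_version2,
        'c:s' => \$o_crit,      'critical:s'  => \$o_crit,
        'w:s' => \$o_warn,      'warn:s'      => \$o_warn,
        'm'   => \$o_cache,     'memcache'    => \$o_cache,
        'f'   => \$o_perf,      'perfdata'    => \$o_perf
    );
    if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
    if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
    if ( ! defined($o_host) ) # check host and filter
      { print "No host defined!\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
    # check snmp information: either a community (v1/v2c) or login+password (v3)
    if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
      { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
    if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
      { print "Can't mix snmp v1,2c,3 protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
    if (defined ($v3protocols)) {
      if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      my @v3proto=split(/,/,$v3protocols);
      if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0]; } # Auth protocol
      if (defined ($v3proto[1])) {$o_privproto=$v3proto[1]; } # Priv protocol
      # A priv protocol without a priv password cannot give AuthPriv
      if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
        print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
    }
    if (defined($o_timeout) && (isnnum($o_timeout) || ($o_timeout < 2) || ($o_timeout > 60)))
      { print "Timeout must be >1 and <60 !\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
    if (!defined($o_timeout)) {$o_timeout=5;}
    #Check Warning and crit are present
    if ( ! defined($o_warn) || ! defined($o_crit))
      { print "Put warning and critical values!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
    # Get rid of % sign
    $o_warn =~ s/\%//g;
    $o_crit =~ s/\%//g;
    # if -I or -E switch , undef $o_netsnmp : a single warn/crit pair is expected
    if (defined($o_cisco) || defined($o_hp) ) {
      $o_netsnmp=undef;
      if ( isnnum($o_warn) || isnnum($o_crit))
        { print "Numeric value for warning or critical !\n";print_usage(); exit $ERRORS{"UNKNOWN"} }
      if ( ($o_crit != 0) && ($o_warn > $o_crit) )
        { print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
    }
    # Net-SNMP mode : "real,swap" pairs for both warning and critical
    if (defined($o_netsnmp)) {
      my @o_warnL=split(/,/ , $o_warn);
      my @o_critL=split(/,/ , $o_crit);
      if (($#o_warnL != 1) || ($#o_critL != 1))
        { print "2 warnings and critical !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
      for (my $i=0;$i<2;$i++) {
        if ( isnnum($o_warnL[$i]) || isnnum($o_critL[$i]))
          { print "Numeric value for warning or critical !\n";print_usage(); exit $ERRORS{"UNKNOWN"} }
        if (($o_critL[$i]!= 0) && ($o_warnL[$i] > $o_critL[$i]))
          { print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
        if ( $o_critL[$i] > 100)
          { print "critical percent must be < 100 !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
      }
      $o_warnR=$o_warnL[0];$o_warnS=$o_warnL[1];
      $o_critR=$o_critL[0];$o_critS=$o_critL[1];
    }
}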
########## MAIN #######
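check_options();

# Check global timeout if snmp screws up: arm the alarm handled by $SIG{'ALRM'}
if (defined($TIMEOUT)) {
  verb("Alarm at $TIMEOUT");
  alarm($TIMEOUT);
} else {
  verb("no timeout defined : $o_timeout + 10");
  alarm ($o_timeout+10);
}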
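# Connect to host. check_options() guarantees either login+password (v3) or a
# community (v1/v2c) is defined.
# Only the AuthPriv branch encrypts the SNMP payload; v1/v2c community strings
# and AuthNoPriv data cross the network unencrypted.
my ($session,$error);
if ( defined($o_login) && defined($o_passwd)) {
  # SNMPv3 login
  if (!defined ($o_privpass)) {
    verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
    ($session, $error) = Net::SNMP->session(
      -hostname     => $o_host,
      -version      => '3',
      -port         => $o_port,   # previously missing: -p was ignored for SNMPv3
      -username     => $o_login,
      -authpassword => $o_passwd,
      -authprotocol => $o_authproto,
      -timeout      => $o_timeout
    );
  } else {
    verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
    ($session, $error) = Net::SNMP->session(
      -hostname     => $o_host,
      -version      => '3',
      -port         => $o_port,   # previously missing: -p was ignored for SNMPv3
      -username     => $o_login,
      -authpassword => $o_passwd,
      -authprotocol => $o_authproto,
      -privpassword => $o_privpass,
      -privprotocol => $o_privproto,
      -timeout      => $o_timeout
    );
  }
} else {
  if (defined ($o_version2)) {
    # SNMPv2 Login
    verb("SNMP v2c login");
    ($session, $error) = Net::SNMP->session(
      -hostname  => $o_host,
      -version   => 2,
      # The listing as printed passes no community here, which would make
      # Net::SNMP fall back to its default community and ignore -C with -2.
      -community => $o_community,
      -port      => $o_port,
      -timeout   => $o_timeout
    );
  } else {
    # SNMPV1 login
    verb("SNMP v1 login");
    ($session, $error) = Net::SNMP->session(
      -hostname  => $o_host,
      -community => $o_community,
      -port      => $o_port,
      -timeout   => $o_timeout
    );
  }
}
if (!defined($session)) {
  printf("ERROR opening session: %s.\n", $error);
  exit $ERRORS{"UNKNOWN"};
}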
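# Global variable
my $resultat=undef;

########### Cisco memory check ############
# Walks the Cisco memory pool table, reports the used percentage of every
# pool and of the sum of all valid pools, then exits with the Nagios status.
if (defined ($o_cisco)) {

  # Get Cisco memory table
  $resultat = (Net::SNMP->VERSION < 4) ?
                 $session->get_table($cisco_mem_pool)
                 :$session->get_table(Baseoid => $cisco_mem_pool);

  if (!defined($resultat)) {
    printf("ERROR: Description table : %s.\n", $session->error);
    $session->close;
    exit $ERRORS{"UNKNOWN"};
  }
  # Collect the last OID component of every pool-name entry as the pool index
  my (@oid,@index)=(undef,undef);
  my $nindex=0;
  foreach my $key ( keys %$resultat) {
    verb("OID : $key, Desc : $$resultat{$key}");
    if ( $key =~ /$cisco_index/ ) {
      @oid=split (/\./,$key);
      $index[$nindex++] = pop(@oid);
    }
  }

  # Check if at least 1 memory pool exists
  if ($nindex == 0) {
    printf("ERROR: No memory pools found");
    $session->close;
    exit $ERRORS{"UNKNOWN"};
  }

  # Test every memory pool
  # NOTE: despite its name, $prct_free holds the percentage of USED memory.
  my ($c_output,$prct_free)=(undef,undef);
  my ($warn_s,$crit_s)=(0,0);
  my ($used,$free)=(0,0);
  foreach (@index) {
    $c_output .="," if defined ($c_output);
    if ( $$resultat{$cisco_valid . "." . $_} == 1 ) {
      my $pool_used = $$resultat{$cisco_used . "." . $_};
      my $pool_free = $$resultat{$cisco_free . "." . $_};
      $used += $pool_used;
      $free += $pool_free;
      # A pool reporting 0 used and 0 free would otherwise abort the plugin
      # with "Illegal division by zero" before any status is printed.
      $prct_free = (($pool_used + $pool_free) != 0)
                     ? round($pool_used*100/($pool_free+$pool_used) ,0)
                     : 0;
      $c_output .= $$resultat{$cisco_index . "." . $_} . ":" . $prct_free . "%";
      if (($o_crit!=0)&&($o_crit <= $prct_free)) {
        $crit_s =1;
      } elsif (($o_warn!=0)&&($o_warn <= $prct_free)) {
        $warn_s=1;
      }
    } else {
      # A pool flagged as not valid is always treated as critical
      $c_output .= $$resultat{$cisco_index . "." . $_} . ": INVALID";
      $crit_s =1;
    }
  }
  my $total=$used+$free;
  # When every pool is INVALID the total is 0; keep the CRITICAL result
  # instead of dying on the division.
  $prct_free = ($total != 0) ? round($used*100/($total),0) : 0;
  verb("Total used : $used, free: $free, output : $c_output");
  my $c_status="OK";
  $c_output .=" : " . $prct_free ."% : ";
  if ($crit_s == 1 ) {
    $c_output .= " > " . $o_crit ;
    $c_status="CRITICAL";
  } else {
    if ($warn_s == 1 ) {
      $c_output.=" > " . $o_warn;
      $c_status="WARNING";
    }
  }
  $c_output .= " ; ".$c_status;
  if (defined ($o_perf)) {
    # Perfdata: value;warn;crit;min;max with the thresholds converted to bytes
    $c_output .= " | ram_used=" . $used.";";
    $c_output .= ($o_warn ==0)? ";" : round($o_warn * $total/100,0).";";
    $c_output .= ($o_crit ==0)? ";" : round($o_crit * $total/100,0).";";
    $c_output .= "0;" . $total ;
  }
  $session->close;
  print "$c_output \n";
  exit $ERRORS{$c_status};
}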
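########### HP Procurve memory check ############
# Walks the HP memory table, reports the used percentage of every slot and of
# the sum of all slots, then exits with the Nagios status.
if (defined ($o_hp)) {

  # Get hp memory table
  $resultat = (Net::SNMP->VERSION < 4) ?
                 $session->get_table($hp_mem_pool)
                 :$session->get_table(Baseoid => $hp_mem_pool);

  if (!defined($resultat)) {
    printf("ERROR: Description table : %s.\n", $session->error);
    $session->close;
    exit $ERRORS{"UNKNOWN"};
  }
  # Collect the last OID component of every slot-index entry
  my (@oid,@index)=(undef,undef);
  my $nindex=0;
  foreach my $key ( keys %$resultat) {
    verb("OID : $key, Desc : $$resultat{$key}");
    if ( $key =~ /$hp_mem_index/ ) {
      @oid=split (/\./,$key);
      $index[$nindex++] = pop(@oid);
    }
  }

  # Check if at least 1 memory slots exists
  if ($nindex == 0) {
    printf("ERROR: No memory slots found");
    $session->close;
    exit $ERRORS{"UNKNOWN"};
  }

  # Consolidate the datas
  # NOTE: despite its name, $prct_free holds the percentage of USED memory.
  my ($total,$free)=(0,0);
  my ($c_output,$prct_free)=(undef,undef);
  foreach (@index) {
    $c_output .="," if defined ($c_output);
    my $slot_total = $$resultat{$hp_mem_total . "." . $_};
    my $slot_free  = $$resultat{$hp_mem_free . "." . $_};
    $total += $slot_total;
    $free  += $slot_free;
    # NOTE(review): the printed listing shows "- (free*100/total)" with the
    # leading operand lost; "100 -" is restored here so the slot value is the
    # used percentage, matching the total computed below -- confirm against
    # the installed plugin.
    # A slot reporting 0 total bytes would otherwise abort with a division
    # by zero.
    $c_output .= "Slot " . $$resultat{$hp_mem_index . "." . $_} . ":"
                 .( ($slot_total != 0)
                      ? round(100 - ($slot_free *100 / $slot_total) ,0)
                      : 0 )
                 . "%";
  }
  my $used = $total - $free;
  $prct_free = ($total != 0) ? round($used*100/($total),0) : 0;
  verb("Used : $used, Free: $free, Output : $c_output");
  my $c_status="OK";
  $c_output .=" : " . $prct_free ."% : ";
  if (($o_crit!=0)&&($o_crit <= $prct_free)) {
    $c_output .= " > " . $o_crit ;
    $c_status="CRITICAL";
  } else {
    if (($o_warn!=0)&&($o_warn <= $prct_free)) {
      $c_output.=" > " . $o_warn;
      $c_status="WARNING";
    }
  }
  $c_output .= " ; ".$c_status;
  if (defined ($o_perf)) {
    # Perfdata: value;warn;crit;min;max with the thresholds converted to bytes
    $c_output .= " | ram_used=" . $used.";";
    $c_output .= ($o_warn ==0)? ";" : round($o_warn * $total/100,0).";";
    $c_output .= ($o_crit ==0)? ";" : round($o_crit * $total/100,0).";";
    $c_output .= "0;" . $total ;
  }
  $session->close;
  print "$c_output \n";
  exit $ERRORS{$c_status};
}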
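########### Net snmp memory check ############
# Reads the five Net-SNMP memory scalars, computes the used percentage of real
# memory and of swap, compares both with the -w/-c pairs and exits with the
# Nagios status.
if (defined ($o_netsnmp)) {

  # Get NetSNMP memory values
  $resultat = (Net::SNMP->VERSION < 4) ?
                 $session->get_request(@nets_oids)
                 :$session->get_request(-varbindlist => \@nets_oids);
  if (!defined($resultat)) {
    printf("ERROR: netsnmp : %s.\n", $session->error);
    $session->close;
    exit $ERRORS{"UNKNOWN"};
  }

  my ($realused,$swapused)=(undef,undef);

  # The zero test must come BEFORE the division: the original order divided by
  # the reported total first, so an agent answering 0 for total RAM killed the
  # plugin with "Illegal division by zero" instead of yielding 0%.
  if ($$resultat{$nets_ram_total} == 0) {
    $realused = 0;
  } else {
    # With -m the cached memory counts as used, otherwise it counts as free
    $realused= defined($o_cache) ?
      ($$resultat{$nets_ram_total}-$$resultat{$nets_ram_free})/$$resultat{$nets_ram_total}
      :
      ($$resultat{$nets_ram_total}-($$resultat{$nets_ram_free}+$$resultat{$nets_ram_cache}))/$$resultat{$nets_ram_total};
  }

  $swapused= ($$resultat{$nets_swap_total} == 0) ? 0 :
      ($$resultat{$nets_swap_total}-$$resultat{$nets_swap_free})/$$resultat{$nets_swap_total};
  $realused=round($realused*100,0);
  $swapused=round($swapused*100,0);
  defined($o_cache) ?
    verb("Ram : $$resultat{$nets_ram_free} / $$resultat{$nets_ram_total} : $realused")
    :
    verb("Ram : $$resultat{$nets_ram_free} ($$resultat{$nets_ram_cache} cached) / $$resultat{$nets_ram_total} : $realused");
  verb("Swap : $$resultat{$nets_swap_free} / $$resultat{$nets_swap_total} : $swapused");

  my $n_status="OK";
  my $n_output="Ram : " . $realused . "%, Swap : " . $swapused . "% :";
  if ((($o_critR!=0)&&($o_critR <= $realused)) || (($o_critS!=0)&&($o_critS <= $swapused))) {
    $n_output .= " > " . $o_critR . ", " . $o_critS;
    $n_status="CRITICAL";
  } else {
    if ((($o_warnR!=0)&&($o_warnR <= $realused)) || (($o_warnS!=0)&&($o_warnS <= $swapused))) {
      $n_output.=" > " . $o_warnR . ", " . $o_warnS;
      $n_status="WARNING";
    }
  }
  $n_output .= " ; ".$n_status;
  if (defined ($o_perf)) {
    # Perfdata: value;warn;crit;min;max, thresholds converted from percent
    if (defined ($o_cache)) {
      $n_output .= " | ram_used=" . ($$resultat{$nets_ram_total}-$$resultat{$nets_ram_free}).";";
    }
    else {
      $n_output .= " | ram_used=" . ($$resultat{$nets_ram_total}-$$resultat{$nets_ram_free}-$$resultat{$nets_ram_cache}).";";
    }
    $n_output .= ($o_warnR ==0)? ";" : round($o_warnR * $$resultat{$nets_ram_total}/100,0).";";
    $n_output .= ($o_critR ==0)? ";" : round($o_critR * $$resultat{$nets_ram_total}/100,0).";";
    $n_output .= "0;" . $$resultat{$nets_ram_total}. " ";
    $n_output .= "swap_used=" . ($$resultat{$nets_swap_total}-$$resultat{$nets_swap_free}).";";
    $n_output .= ($o_warnS ==0)? ";" : round($o_warnS * $$resultat{$nets_swap_total}/100,0).";";
    $n_output .= ($o_critS ==0)? ";" : round($o_critS * $$resultat{$nets_swap_total}/100,0).";";
    $n_output .= "0;" . $$resultat{$nets_swap_total};
  }
  $session->close;
  print "$n_output \n";
  exit $ERRORS{$n_status};
}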
Приложение К
Конфигурация протокола SNMP на удаленных хостах
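# NOTE(review): as configured below, the community "public" is accepted from
# source "default" (any address) over SNMP v1/v2c, and the group it maps to
# (MyROGroup) may read the view "all", i.e. the whole tree under .1, with
# security level noauth. Limiting the source to <monitoring-server-ip> and
# using a non-default community would restrict who can read it.

#       sec.name   source    community
#com2sec paranoid   default   public
com2sec readonly   default   public
#com2sec readwrite  default   private

####
# Second, map the security names into group names:

#                 sec.model  sec.name
group MyROSystem  v1         paranoid
group MyROSystem  v2c        paranoid
group MyROSystem  usm        paranoid
group MyROGroup   v1         readonly
group MyROGroup   v2c        readonly
group MyROGroup   usm        readonly
group MyRWGroup   v1         readwrite
group MyRWGroup   v2c        readwrite
group MyRWGroup   usm        readwrite

####
# Third, create a view for us to let the groups have rights to:

#            incl/excl  subtree                                  mask
view all     included   .1                                       80
view system  included   .iso.org.dod.internet.mgmt.mib-2.system

####
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:

#                  context  sec.model  sec.level  match  read    write  notif
access MyROSystem  ""       any        noauth     exact  system  none   none
access MyROGroup   ""       any        noauth     exact  all     none   none
# MyRWGroup has write access to "all", but no active com2sec line maps a
# community to the "readwrite" security name, so it is unreachable as shown.
access MyRWGroup   ""       any        noauth     exact  all     all    none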
Приложение Л
Конфигурация агента ядра сетевого мониторинга на
удаленных хостах
/etc/nagios/nrpe.cfg
# PID FILE
# The name of the file in which the NRPE daemon should write
it's process ID
# number. The file is only written if the NRPE daemon is
started by the root
# user and is running in standalone mode.
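pid_file=/var/run/nrpe.pid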
# PORT NUMBER
# Port number we should wait for connections on.
# NOTE: This must be a non-priviledged port (i.e. > 1024).
# NOTE: This option is ignored if NRPE is running under
either inetd or xinetd
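server_port=5666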
# SERVER ADDRESS
# Address that nrpe should bind to in case there are more
than one interface
# and you do not want nrpe to bind on all interfaces.
# NOTE: This option is ignored if NRPE is running under
either inetd or xinetd
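server_address=192.168.10.158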
# NRPE USER
# This determines the effective user that the NRPE daemon
should run as.
# You can either supply a username or a UID.
#
# NOTE: This option is ignored if NRPE is running under
either inetd or xinetd
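nrpe_user=nagios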
# NRPE GROUP
# This determines the effective group that the NRPE daemon
should run as.
# You can either supply a group name or a GID.
#
# NOTE: This option is ignored if NRPE is running under
either inetd or xinetd
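nrpe_group=nagios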
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or
hostnames
# that are allowed to talk to the NRPE daemon.
#
# Note: The daemon only does rudimentary checking of the
client's IP
# address. I would highly recommend adding entries in your
/etc/hosts.allow
# file to allow only the specified host to connect to the
port
# you are running this daemon on.
#
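# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
# This source-address list is the only access control set in this file; as the
# comment block above recommends, back it with an /etc/hosts.allow entry (or a
# host firewall rule) that admits only the monitoring server to the NRPE port.
allowed_hosts=127.0.0.1,192.168.10.2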
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not the NRPE daemon will
allow clients
# to specify arguments to commands that are executed. This
option only works
# if the daemon was configured with the --enable-command-args
configure script
# option.
#
# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
# Read the SECURITY file for information on some of the
security implications
# of enabling this variable.
#
# Values: 0=do not allow arguments, 1=allow command arguments
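# 0 keeps client-supplied command arguments disabled, so a client can only
# trigger the command[...] definitions exactly as they are written in this file.
dont_blame_nrpe=0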
# COMMAND PREFIX
# This option allows you to prefix all commands with a
user-defined string.
# A space is automatically added between the specified prefix
string and the
# command line from the command definition.
#
# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE
WITH CAUTION! ***
# Usage scenario:
# Execute restricted commmands using sudo. For this to work,
you need to add
# the nagios user to your /etc/sudoers. An example entry for
alllowing
# execution of the plugins from might be:
#
# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
#
# This lets the nagios user run all commands in that
directory (and only them)
# without asking for a password. If you do this, make sure
you don't give
# random users write access to that directory or its
contents!
# command_prefix=/usr/bin/sudo
# DEBUGGING OPTION
# This option determines whether or not debugging messages
are logged to the
# syslog facility.
# Values: 0=debugging off, 1=debugging on
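debug=0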
# COMMAND TIMEOUT
# This specifies the maximum number of seconds that the NRPE
daemon will
# allow plugins to finish executing before killing them off.
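command_timeout=60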
# WEAK RANDOM SEED OPTION
# This directive allows you to use SSL even if your system
does not have
# a /dev/random or /dev/urandom (on purpose or because the
necessary patches
# were not applied). The random number generator will be
seeded from a file
# which is either a file pointed to by the environment
variable $RANDFILE
# or $HOME/.rnd. If neither exists, the pseudo random number
generator will
# be initialized and a warning will be issued.
# Values: 0=only seed from /dev/[u]random, 1=also seed from
weak randomness
#allow_weak_random_seed=1
# INCLUDE CONFIG FILE
# This directive allows you to include definitions from an
external config file.
#include=<somefile.cfg>
# INCLUDE CONFIG DIRECTORY
# This directive allows you to include definitions from
config files (with a
# .cfg extension) in one or more directories (with
recursion).
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
# COMMAND DEFINITIONS
# Command definitions that this daemon will run. Definitions
# are in the following format:
#
# command[<command_name>]=<command_line>
#
# When the daemon receives a request to return the results of
<command_name>
# it will execute the command specified by the
<command_line> argument.
#
# Unlike Nagios, the command line cannot contain macros - it
must be
# typed exactly as it should be executed.
#
# Note: Any plugins that are used in the command lines must
reside
# on the machine that this daemon is running on! The examples
below
# assume that you have plugins installed in a
/usr/local/nagios/libexec
# directory. Also note that you will have to modify the
definitions below
# to match the argument format the plugins expect. Remember,
these are
# examples only!
# The following examples use hardcoded command arguments...
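command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,15,15 -c 30,25,20
command[check_disk1]=/usr/lib/nagios/plugins/check_disk -w 20 -c 10 -p /dev/hda1
command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 17000 -c 18000 -s Z
command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 17000 -c 20000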
# The following examples allow user-supplied arguments and
can
# only be used if the NRPE daemon was compiled with support
for
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'...
#command[check_users]=/usr/lib/nagios/plugins/check_users -w
$ARG1$ -c $ARG2$
#command[check_load]=/usr/lib/nagios/plugins/check_load -w
$ARG1$ -c $ARG2$
#command[check_disk]=/usr/lib/nagios/plugins/check_disk -w
$ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs]=/usr/lib/nagios/plugins/check_procs -w
$ARG1$ -c $ARG2$ -s $ARG3$
#
# local configuration:
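# if you'd prefer, you can instead place directives here
include=/etc/nagios/nrpe_local.cfg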
Приложение М
Пример конфигурационного файла MRTG
/etc/mrtg/shaper/mrtg.cfg
# Created by
# /usr/bin/cfgmaker public@192.168.10.1
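### Global Config Options

#  for UNIX
# WorkDir: /home/http/mrtg

#  for Debian
# NOTE(review): this directory sits under /var/www, so the generated pages
# (interface names, addresses, traffic graphs) are presumably served by the
# web server -- confirm that access to it is restricted.
WorkDir: /var/www/mrtg/shaper

#  or for NT
# WorkDir: c:\mrtgdata

### Global Defaults

#  to get bits instead of bytes and graphs growing to the right
Options[_]: growright, bits

EnableIPv6: no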
######################################################################
# System: shaper
# Description: Linux shaper 2.6.31-bfs311 #1 SMP Fri Dec 4
10:23:03 YEKT 2009 x86_64
# Contact: Root <root@localhost> (configure
/etc/snmp/snmpd.local.conf)
# Location: Unknown (configure /etc/snmp/snmpd.local.conf)
######################################################################
### Interface 1 >> Descr: 'lo' | Name: 'lo' | Ip:
'127.0.0.1' | Eth: '' ###
### The following interface is commented out because:
### * it is a Software Loopback interface
#
# Target[192.168.10.1_1]: 1:public@192.168.10.1:
# SetEnv[192.168.10.1_1]: MRTG_INT_IP="127.0.0.1"
MRTG_INT_DESCR="lo"
# MaxBytes[192.168.10.1_1]: 1250000
# Title[192.168.10.1_1]: Traffic Analysis for 1 -- shaper
# PageTop[192.168.10.1_1]: <h1>Traffic Analysis for 1
-- shaper</h1>
# <div id="sysdetails">
# <table>
# <tr>
# <td>System:</td>
# <td>shaper in Unknown (configure
/etc/snmp/snmpd.local.conf)</td>
# </tr>
# <tr>
# <td>Maintainer:</td>
# <td>Root <root@localhost> (configure
/etc/snmp/snmpd.local.conf)</td>
# </tr>
# <tr>
# <td>Description:</td>
# <td>lo </td>
# </tr>
# <tr>
# <td>ifType:</td>
# <td>softwareLoopback (24)</td>
# </tr>
# <tr>
# <td>ifName:</td>
# <td>lo</td>
# </tr>
# <tr>
# <td>Max Speed:</td>
# <td>1250.0 kBytes/s</td>
# </tr>
# <tr>
# <td>Ip:</td>
# <td>127.0.0.1 (localhost)</td>
# </tr>
# </table>
# </div>
### Interface 2 >> Descr: 'eth2' | Name: 'eth2' | Ip:
'' | Eth: '30-78-30-30-32-33-35-34-32-35-34-33-30-66' ###
### The following interface is commented out because:
### * it is administratively DOWN
#
# Target[192.168.10.1_2]: 2:public@192.168.10.1:
# SetEnv[192.168.10.1_2]: MRTG_INT_IP=""
MRTG_INT_DESCR="eth2"
# MaxBytes[192.168.10.1_2]: 1250000
# Title[192.168.10.1_2]: Traffic Analysis for 2 -- shaper
# PageTop[192.168.10.1_2]: <h1>Traffic Analysis for 2
-- shaper</h1>
# <div id="sysdetails">
# <table>
# <tr>
# <td>System:</td>
# <td>shaper in Unknown (configure
/etc/snmp/snmpd.local.conf)</td>
# </tr>
# <tr>
# <td>Maintainer:</td>
# <td>Root <root@localhost> (configure
/etc/snmp/snmpd.local.conf)</td>
# </tr>
# <tr>
# <td>Description:</td>
# <td>eth2 </td>
# </tr>
# <tr>
# <td>ifType:</td>
# <td>ethernetCsmacd (6)</td>
# </tr>
# <tr>
# <td>ifName:</td>
# <td>eth2</td>
# </tr>
# <tr>
# <td>Max Speed:</td>
# <td>1250.0 kBytes/s</td>
# </tr>
# </table>
# </div>
### Interface 3 >> Descr: 'eth0' | Name: 'eth0' | Ip:
'192.168.10.1' | Eth: '30-78-30-30-31-62-32-31-32-65-37-62-65-36' ###
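# The Target line carries the SNMP community in clear text, so this file
# should be readable only by the account that runs mrtg.
Target[192.168.10.1_3]: 3:public@192.168.10.1:
SetEnv[192.168.10.1_3]: MRTG_INT_IP="192.168.10.1" MRTG_INT_DESCR="eth0"
MaxBytes[192.168.10.1_3]: 125000000
Title[192.168.10.1_3]: Traffic Analysis for 3 -- shaper
PageTop[192.168.10.1_3]: <h1>Traffic Analysis for 3 -- shaper</h1>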
<div id="sysdetails">
<table>
<tr>
<td>System:</td>
<td>shaper in Unknown (configure
/etc/snmp/snmpd.local.conf)</td>
</tr>
<tr>
<td>Maintainer:</td>
<td>Root <root@localhost> (configure
/etc/snmp/snmpd.local.conf)</td>
</tr>
<tr>
<td>Description:</td>
<td>eth0 </td>
</tr>
<tr>
<td>ifType:</td>
<td>ethernetCsmacd (6)</td>
</tr>
<tr>
<td>ifName:</td>
<td>eth0</td>
</tr>
<tr>
<td>Max Speed:</td>
<td>1250.0 kBytes/s</td>
</tr>
<tr>
<td>Ip:</td>
<td>192.168.10.1 (shaper)</td>
</tr>
</table>
</div>
### Interface 4 >> Descr: 'eth1' | Name: 'eth1' | Ip:
'91.192.168.250' | Eth: '30-78-30-30-31-62-32-31-32-65-37-62-63-38' ###
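# The Target line carries the SNMP community in clear text, so this file
# should be readable only by the account that runs mrtg.
Target[192.168.10.1_4]: 4:public@192.168.10.1:
SetEnv[192.168.10.1_4]: MRTG_INT_IP="91.192.168.250" MRTG_INT_DESCR="eth1"
MaxBytes[192.168.10.1_4]: 125000000
Title[192.168.10.1_4]: Traffic Analysis for 4 -- shaper
PageTop[192.168.10.1_4]: <h1>Traffic Analysis for 4 -- shaper</h1>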
<div id="sysdetails">
<table>
<tr>
<td>System:</td>
<td>shaper in Unknown (configure
/etc/snmp/snmpd.local.conf)</td>
</tr>
<tr>
<td>Maintainer:</td>
<td>Root <root@localhost> (configure
/etc/snmp/snmpd.local.conf)</td>
</tr>
<tr>
<td>Description:</td>
<td>eth1 </td>
</tr>
<tr>
<td>ifType:</td>
<td>ethernetCsmacd (6)</td>
</tr>
<tr>
<td>ifName:</td>
<td>eth1</td>
</tr>
<tr>
<td>Max Speed:</td>
<td>1250.0 kBytes/s</td>
</tr>
<tr>
<td>Ip:</td>
<td>91.192.168.250 (shaper.vpcit.ru)</td>
</tr>
</table>
</div>
Приложение Н
Рис. Н.1 - Пример представления графиков загрузки интерфейсов посредством
MRTG
Приложение О
Параметры crontab
/etc/cron.d/mrtg
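# Run mrtg every five minutes for each device configuration that exists and is
# readable; all runs append to the same log file.
# NOTE(review): every job runs as root. mrtg needs only read access to its
# .cfg file and write access to its WorkDir and log, so a dedicated
# unprivileged account would narrow the exposure -- confirm directory
# ownership before changing the user field.
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/bgp/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/bgp/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/AT-9924/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/AT-9924/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/DES-3627G/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/DES-3627G/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/Rapier_24i/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/Rapier_24i/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/host_mail/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/host_mail/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/monitoring/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/monitoring/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/urrab_39a/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/urrab_39a/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/len_58a/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/len_58a/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/krivous_36b/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/krivous_36b/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/shaper/mrtg.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/shaper/mrtg.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi
0-55/5 * * * * root if [ -x /usr/bin/mrtg ] && [ -r /etc/mrtg/for/for.cfg ]; then env LANG=C /usr/bin/mrtg /etc/mrtg/for/for.cfg >> /var/log/mrtg/mrtg.log 2>&1; fi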
Приложение П
Таблица П.1 - Подробное сравнение технических особенностей различных
сборщиков системных журналов
Параметр/Служба
|
syslogd
|
syslog-ng OSE
|
syslog-ng PE
|
Получение журналов от
|
|
|
|
UNIX domain
socket (stream & dgram)
|
Да
|
Да
|
Да
|
UDP
|
Да
|
Да
|
Да
|
UDP использующий IETF-syslog
стандартный протокол
|
-
|
Да
|
Да
|
TCP
|
-
|
Да
|
Да
|
TCP использующий IETF-syslog
стандартный протокол
|
-
|
Да
|
Да
|
UDP6
|
Зависит от ОС
|
Да
|
Да
|
TCP6
|
-
|
Да
|
Да
|
TLS-шифрованные каналы
|
-
|
Да
|
Да
|
TLS использующий IETF-syslog
стандартный протокол
|
-
|
Да
|
Да
|
Именованные каналы
|
-
|
Да
|
Да
|
Файл
|
-
|
Да
|
Да
|
Стандартный вывод (stdout) приложения
|
-
|
Да
|
Да
|
Устройство протоколирования
ядра на Linux, Solaris, BSD
|
klogd
|
Да
|
Да
|
Файл со звездочками в имени
или пути
|
-
|
-
|
Да
|
IBM System
i журнал аудита (QAUDJRN) &
журнал оператора терминала (QSYSOPR) (через отдельное приложение агента)
|
-
|
-
|
Да
|
Windows EventLog
/ файлы журналов (через отдельное агентское приложение)
|
-
|
-
|
Да
|
Отправка системных журналов
к
|
|
|
|
UNIX domain
sockets (stream & dgram)
|
-
|
Да
|
Да
|
UDP
|
Да
|
Да
|
Да
|
UDP использующий IETF-syslog
стандартный протокол
|
-
|
Да
|
Да
|
TCP
|
-
|
Да
|
Да
|
TCP использующий IETF-syslog
стандартный протокол
|
-
|
Да
|
Да
|
UDP6
|
Зависит от ОС
|
Да
|
Да
|
TCP6
|
-
|
Да
|
Да
|
Именованный канал
|
Да
|
Да
|
Да
|
Файл
|
Да
|
Да
|
Да
|
Шифрованный, сжатый, с
метками времени и проиндексированный двоичный файл
|
-
|
-
|
Да
|
SQL база данных (MySQL, Microsoft SQL (MSSQL), Oracle, PostgreSQL, SQLite)
|
-
|
Да
|
Да
|
Стандартный ввод любой
указанной пользователем программы
|
-
|
Да
|
Да
|
Пользовательский tty
|
Да
|
Да
|
Да
|
Поддержка встроенного TLS
шифрования при использовании TCP, TCP6, или IETF-syslog
протокола
|
-
|
Да
|
Да
|
Производительность
|
|
|
|
Приём 75000 сообщений в
секунду (измерено с 150-байтовыми сообщениями на серверной платформе низшего
уровня)
|
-
|
Да
|
Да
|
Форматы сообщений
|
|
|
|
Поддержка сырых, не формата
syslog сообщений
|
-
|
Да
|
Да
|
Поддержка RFC3164
формата сообщений (BSD)
|
Да
|
Да
|
Да
|
Поддержка IETF-syslog
формата сообщений
|
-
|
Да
|
Да
|
Поддержка расширенных RFC3339
(ISO 8601) временных меток
|
-
|
Да
|
Да
|
Поддержка некоторых
нестандартных форматов временных меток (Cisco
PIX, LinkSys и др.)
|
-
|
Да
|
Да
|
Поддержка микросекундного
определения времени (точность настраивается пользователем)
|
-
|
Да
|
Да
|
Поддержка информации о
временных зонах
|
-
|
Да
|
Да
|
Поддержка определения
неверных имен хостов (позволяет принимать сообщения от приложений, которые
отправляют syslog сообщения в неправильном формате)
|
-
|
Да
|
Да
|
Поддержка сцепленного имени
хоста, которая позволяет определить путь прохождения сообщения через релеи.
|
-
|
Да
|
Да
|
Обработка
сообщений/фильтрация
|
|
|
|
Поддержка разрешения имен
через DNS
|
Да
|
Да
|
Да
|
Поддержка разрешения имен
через файл (локальная карта IP->host)
|
-
|
Да
|
Да
|
Кэширование DNS
запросов для предотвращения перегрузки DNS серверов и повышения
производительности
|
-
|
Да
|
Да
|
Поддержка нормализации имен
хостов (принудительное приведение имен в нижний регистр)
|
-
|
Да
|
Да
|
Сообщения могут назначаться
нескольким независимым адресатам (файл, sql, несколько
удаленных серверов, и др.) одновременно
|
Да
|
Да
|
Да
|
Одна фильтрующая операция
может направлять сообщения по нескольким адресатам
|
-
|
Да
|
Да
|
Сегментирования текстовых
сообщений в пары имя=значение с использованием парсеров.
|
-
|
Да
|
Да
|
Использования результатов
парсинга как макросов
|
-
|
Да
|
Да
|
Определение значений по
умолчанию для макросов
|
-
|
Да
|
Да
|
Замена выбранных частей сообщения
|
-
|
Да
|
Да
|
Установка значения пар
имя=значение
|
-
|
Да
|
Да
|
Поддержка преобразования
временных меток между временными зонами
|
-
|
Да
|
Да
|
Поддержка управления потоком (flow control)
для путей журналов событий: приём сообщений от источника
приостанавливается, пока адресат переполнен и не может принимать
сообщения.
|
-
|
Да
|
Да
|
Поддержка сложных фильтров
с использованием булевой алгебры с операторами И/ИЛИ/НЕ и их выражений
|
-
|
Да
|
Да
|
Поддержка многократно
используемых фильтров: возможно единственное определение фильтра и его
последующее использование в нескольких путях журналов
|
-
|
Да
|
Да
|
-
|
Да
|
Да
|
Поддержка комбинированных
фильтров: фильтры могут быть объединены с использованием булевых операторов
|
-
|
Да
|
Да
|
Поддержка фильтрации по
содержимому с использованием регулярных выражений POSIX
|
-
|
Да
|
Да
|
Фильтрация по syslog facility и
priority
|
Да
|
Да
|
Да
|
Фильтрация по имени хоста
|
-
|
Да
|
Да
|
Фильтрация по имени
приложения
|
-
|
Да
|
Да
|
Фильтрация по содержимому
сообщения
|
-
|
Да
|
Да
|
Фильтрация по IP адресу
источника
|
-
|
Да
|
Да
|
Фильтрация по любым SD
метаданным при использовании IETF-syslog протокола
|
-
|
Да
|
Да
|
Поддержка отклонения
сообщений на основе фильтра
|
Да
|
Да
|
Да
|
Поддержка ограничения
потока сообщений, отправляемого получателю
|
-
|
Да
|
Да
|
Поддержка сортировки
сообщений по разным адресатам; все неотфильтрованные сообщения собираются в
резервном адресате
|
-
|
Да
|
Да
|
Сбор статистики по
адресатам, источникам и глобальным параметрам
|
-
|
Да
|
Да
|
Статистика может быть
запрошена в любой момент посредством сокетов unix-domain
|
-
|
Да
|
Да
|
Возможности
|
|
|
|
Автоматическое создание
директорий, основанное на содержимом сообщений.
|
-
|
Да
|
Да
|
Автоматическое создание
таблиц, колонок и индексов в SQL базах данных, основываясь на содержимом сообщений
|
-
|
Да
|
Да
|
Изменяемый формат сообщений
с использованием шаблонов и макросов
|
-
|
Да
|
Да
|
Сегментирование и изменение
содержимого сообщений
|
-
|
Да
|
Да
|
Поддержка автоматической
ротации журналов добавлением временных меток к лог-файлу и именам таблиц в
базе данных
|
-
|
Да
|
Да
|
Перезапуск
программ-адресатов, если они завершают работу
|
-
|
Да
|
Да
|
Перезапуск
программ-источников, если они завершают работу
|
-
|
Да
|
Да
|
Поддержка буферизации
сообщений на жестком диске для предотвращения потери сообщений в случае
недоступности адресата
|
-
|
-
|
Да
|
Содержимое дискового буфера
остается даже между перезапусками syslog-ng
|
-
|
-
|
Да
|
Поддержка аутентификации по сертификатам X.509
при использовании TLS
|
-
|
Да
|
Да
|
Поддержка сетевого сжатия
при использовании TLS
|
-
|
Да
|
Да
|
Поддержка файлов журналов
размером более 2GB
|
Да
|
Да
|
Да
|
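Поддержка подмены IP-адреса источника (spoof-source) при
перенаправлении сообщений с использованием UDP: релей подставляет адрес
исходного отправителя, чтобы сервер журналов видел источник сообщения;
по этой же причине адрес источника в UDP-пакете нельзя считать
подтверждением подлинности отправителя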
|
-
|
Да
|
Да
|
Многопоточность при
использовании SQL адресатов
|
-
|
Да
|
Да
|
Поддержка IPv6
|
Зависит от ОС
|
Да
|
Да
|
Поддержка и получение
сообщений от мультивещательных адресов
|
-
|
Да
|
Да
|
Временные метки могут
включать доли секунды
|
-
|
Да
|
Да
|
Может работать в режиме
клиента, релея или сервера
|
Да
|
Да
|
Да
|
Другие возможности
|
|
|
|
Переносимость: поддерживает
широкий спектр UNIX платформ (Linux, BSDs, Solaris, HP-UX, AIX)
|
Да
|
Да
|
Да
|
Живое и готовое помочь
комьюнити проекта посредством списка рассылки
|
-
|
Да
|
Да
|
Профессионально
составленная документация
|
Да
|
Да
|
Да
|
Коммерческая поддержка
|
Только от некоторых
поставщиков ОС
|
Да
|
Да
|
Проверено в боевых условиях
(более 10 лет существования и использования)
|
Да
|
Да
|
Да
|
Приложение Р
Фильтры и правила модуля сбора системных
журналов
/etc/syslog-ng/syslog-ng.conf
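# Configuration file for syslog-ng under Debian
#
# attempts at reproducing default syslog behavior
# the standard syslog levels are (in descending order of priority):
# emerg alert crit err warning notice info debug
# the aliases "error", "panic", and "warn" are deprecated
# the "none" priority found in the original syslogd configuration is
# only used in internal messages created by syslogd
#
# NOTE(review): the listing on the page lost the leading keyword of most
# statements (options, source, destination, filter, log, level, facility, ...)
# during extraction. They are restored here from the statement structure and
# the surrounding comments; all values are the ones printed on the page.

######
# options
options {
        # disable the chained hostname format in logs
        # (default is enabled)
        chain_hostnames(0);

        # the time to wait before a died connection is re-established
        # (default is 60)
        time_reopen(10);

        # the time to wait before an idle destination file is closed
        # (default is 60)
        time_reap(360);

        # the number of lines buffered before written to file
        # you might want to increase this if your disk isn't catching with
        # all the log messages you get or if you want less disk activity
        # (say on a laptop)
        # (default is 0)
        #sync(0);

        # the number of lines fitting in the output queue
        log_fifo_size(2048);

        # enable or disable directory creation for destination files
        create_dirs(yes);

        # default owner, group, and permissions for log files
        # (defaults are 0, 0, 0600)
        # With these values every collected log, including the per-host
        # auth.log, is readable by members of group adm.
        #owner(root);
        group(adm);
        perm(0640);

        # default owner, group, and permissions for created directories
        # (defaults are 0, 0, 0700)
        # 0755 lets any local user list the per-host directories.
        #dir_owner(root);
        #dir_group(root);
        dir_perm(0755);

        # enable or disable DNS usage
        # syslog-ng blocks on DNS queries, so enabling DNS may lead to
        # a Denial of Service attack
        # (default is yes)
        # persist_only: names are taken only from the static file below,
        # no DNS query is sent for an incoming message.
        use_dns(persist_only);
        dns_cache_hosts(/etc/hosts);

        # maximum length of message in bytes
        # this is only limited by the program listening on the /dev/log Unix
        # socket, glibc can handle arbitrary length log messages, but -- for
        # example -- syslogd accepts only 1024 bytes
        # (default is 2048)
        #log_msg_size(2048);

        #Disable statistic log messages.
        stats_freq(0);

        # Some program send log messages through a private implementation.
        # and sometimes that implementation is bad. If this happen syslog-ng
        # may recognise the program name as hostname. Whit this option
        # we tell the syslog-ng that if a hostname match this regexp than that
        # is not a real hostname.
        bad_hostname("^gconfd$");

        # NOTE(review): printed as "#_sleep(20);" on the page; it may have been
        # an active statement in the original file -- confirm.
        #time_sleep(20);
};

######
# sources

# all known message sources
source s_all {
        # message generated by Syslog-NG
        internal();

        # standard Linux log source (this is the default place for the syslog()
        # function to send logs to)
        unix-stream("/dev/log");

        # messages from the kernel
        file("/proc/kmsg" log_prefix("kernel: "));

        # use the following line if you want to receive remote UDP logging messages
        # (this is equivalent to the "-r" syslogd flag)
        # UDP syslog is neither authenticated nor encrypted, and the sender
        # address can be forged. Keep the listener restricted to known senders
        # at the packet filter, and prefer a TCP/TLS source where the installed
        # syslog-ng version and the clients support it.
        udp();
};

######
# destinations

# some standard log files
# $HOST puts each sender into its own directory (created on demand because of
# create_dirs(yes) above). Over UDP the sender identity is not verified, so a
# forged sender can create new directories and files here: monitor disk usage
# of /var/log and limit who may reach the listener.
destination df_auth { file("/var/log/$HOST/auth.log"); };
destination df_syslog { file("/var/log/$HOST/syslog"); };
destination df_cron { file("/var/log/$HOST/cron.log"); };
destination df_daemon { file("/var/log/$HOST/daemon.log"); };
destination df_kern { file("/var/log/$HOST/kern.log"); };
destination df_lpr { file("/var/log/$HOST/lpr.log"); };
destination df_mail { file("/var/log/$HOST/mail.log"); };
destination df_user { file("/var/log/$HOST/user.log"); };
destination df_uucp { file("/var/log/$HOST/uucp.log"); };
destination df_radius { file("/var/log/$HOST/radius.log"); };

# these files are meant for the mail system log files
# and provide re-usable destinations for {mail,cron,...}.info,
# {mail,cron,...}.notice, etc.
destination df_facility_dot_info { file("/var/log/$HOST/$FACILITY.info"); };
destination df_facility_dot_notice { file("/var/log/$HOST/$FACILITY.notice"); };
destination df_facility_dot_warn { file("/var/log/$HOST/$FACILITY.warn"); };
destination df_facility_dot_err { file("/var/log/$HOST/$FACILITY.err"); };
destination df_facility_dot_crit { file("/var/log/$HOST/$FACILITY.crit"); };

# these files are meant for the news system, and are kept separated
# because they should be owned by "news" instead of "root"
destination df_news_dot_notice { file("/var/log/$HOST/news/news.notice" owner("news")); };
destination df_news_dot_err { file("/var/log/$HOST/news/news.err" owner("news")); };
destination df_news_dot_crit { file("/var/log/$HOST/news/news.crit" owner("news")); };

# some more classical and useful files found in standard syslog configurations
destination df_debug { file("/var/log/$HOST/debug"); };
destination df_messages { file("/var/log/$HOST/messages"); };

# pipes
# a console to view log messages under X
destination dp_xconsole { pipe("/dev/xconsole"); };

# consoles
# this will send messages to everyone logged in
destination du_all { usertty("*"); };

######
# filters

# all messages from the auth and authpriv facilities
filter f_auth { facility(auth, authpriv); };

# all messages except from the auth and authpriv facilities
# (this configuration also excludes mail, local7 and local1)
filter f_syslog { not facility(auth, authpriv, mail, local7, local1); };

# respectively: messages from the cron, daemon, kern, lpr, mail, news, user,
# and uucp facilities
filter f_cron { facility(cron); };
filter f_daemon { facility(daemon); };
filter f_kern { facility(kern); };
filter f_lpr { facility(lpr); };
filter f_mail { facility(mail); };
filter f_news { facility(news); };
filter f_user { facility(user); };
filter f_uucp { facility(uucp); };

# some filters to select messages of priority greater or equal to info, warn,
# and err
# (equivalents of syslogd's *.info, *.warn, and *.err)
filter f_at_least_info { level(info..emerg); };
filter f_at_least_notice { level(notice..emerg); };
filter f_at_least_warn { level(warn..emerg); };
filter f_at_least_err { level(err..emerg); };
filter f_at_least_crit { level(crit..emerg); };

# all messages of priority debug not coming from the auth, authpriv, news, and
# mail facilities
filter f_debug { level(debug) and not facility(auth, authpriv, news, mail); };

# all messages of info, notice, or warn priority not coming form the auth,
# authpriv, cron, daemon, mail, and news facilities
# NOTE(review): the page prints the last clause as "and facility(local7)" with
# the word before it lost; "not" is restored here to match f_syslog, which also
# excludes local7 -- confirm against the original file.
filter f_messages {
        level(info,notice,warn)
            and not facility(auth,authpriv,cron,daemon,mail,news) and
            not facility(local7);
};

# messages with priority emerg
filter f_emerg { level(emerg); };

# complex filter for messages usually sent to the xconsole
filter f_xconsole {
        facility(daemon,mail)
            or level(debug,info,notice,warn)
            or (facility(news)
                    and level(crit,err,notice));
};

# filter for radius
filter f_radius {
        facility(local1);
};

######
# logs
# order matters if you use "flags(final);" to mark the end of processing in a
# "log" statement

# these rules provide the same behavior as the commented original syslogd rules

# auth,authpriv.* /var/log/auth.log
log {
        source(s_all);
        filter(f_auth);
        destination(df_auth);
};

# *.*;auth,authpriv.none -/var/log/syslog
log {
        source(s_all);
        filter(f_syslog);
        destination(df_syslog);
};

# cron.* /var/log/cron.log
log {
        source(s_all);
        filter(f_cron);
        destination(df_cron);
};

# daemon.* -/var/log/daemon.log
log {
        source(s_all);
        filter(f_daemon);
        destination(df_daemon);
};

# kern.* -/var/log/kern.log
log {
        source(s_all);
        filter(f_kern);
        destination(df_kern);
};

# lpr.* -/var/log/lpr.log
log {
        source(s_all);
        filter(f_lpr);
        destination(df_lpr);
};

# mail.* -/var/log/mail.log
log {
        source(s_all);
        filter(f_mail);
        destination(df_mail);
};

# user.* -/var/log/user.log
log {
        source(s_all);
        filter(f_user);
        destination(df_user);
};

# uucp.* /var/log/uucp.log
log {
        source(s_all);
        filter(f_uucp);
        destination(df_uucp);
};

# mail.info -/var/log/mail.info
#log {
# source(s_all);
# filter(f_mail);
# filter(f_at_least_info);
# destination(df_facility_dot_info);
#};

# mail.warn -/var/log/mail.warn
#log {
# source(s_all);
# filter(f_mail);
# filter(f_at_least_warn);
# destination(df_facility_dot_warn);
#};

# mail.err /var/log/mail.err
log {
        source(s_all);
        filter(f_mail);
        filter(f_at_least_err);
        destination(df_facility_dot_err);
};

# news.crit /var/log/news/news.crit
log {
        source(s_all);
        filter(f_news);
        filter(f_at_least_crit);
        destination(df_news_dot_crit);
};

# news.err /var/log/news/news.err
log {
        source(s_all);
        filter(f_news);
        filter(f_at_least_err);
        destination(df_news_dot_err);
};

# news.notice /var/log/news/news.notice
log {
        source(s_all);
        filter(f_news);
        filter(f_at_least_notice);
        destination(df_news_dot_notice);
};

# *.=debug;\
# auth,authpriv.none;\
# news.none;mail.none -/var/log/debug
log {
        source(s_all);
        filter(f_debug);
        destination(df_debug);
};

# *.=info;*.=notice;*.=warn;\
# auth,authpriv.none;\
# cron,daemon.none;\
# mail,news.none -/var/log/messages
log {
        source(s_all);
        filter(f_messages);
        destination(df_messages);
};

# *.emerg *
log {
        source(s_all);
        filter(f_emerg);
        destination(du_all);
};

# daemon.*;mail.*;\
# news.crit;news.err;news.notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn |/dev/xconsole
log {
        source(s_all);
        filter(f_xconsole);
        destination(dp_xconsole);
};

# radius
log {
        source(s_all);
        filter(f_radius);
        destination(df_radius);
};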
На удаленных хостах необходимо обновить конфигурацию следующим образом:
/etc/syslog.conf
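# /etc/syslog.conf Configuration file for syslogd.
#
# For more information see syslog.conf(5)
# manpage.
#
# NOTE(review): the facility name at the start of several selectors was lost
# when the page was extracted (",authpriv.*", ".info", ...). The selectors are
# restored here from the matching rules of the collector configuration shown
# earlier on the page; every action is the one printed on the page.
#
# "@log_host" makes syslogd forward over UDP. The feature table on this page
# lists no TCP or TLS transport for syslogd, so these messages, including
# auth/authpriv, cross the network unencrypted and unauthenticated. Keep the
# path to the collector on a trusted segment, and keep a local copy of
# auth/authpriv if the records must survive loss of the UDP datagrams.
# log_host must resolve on the client (for example through /etc/hosts).

#
# First some standard logfiles. Log by facility.
#
auth,authpriv.*			@log_host
*.*;auth,authpriv.none		@log_host
# |/var/log/syslog.fifo
#cron.*				@log_host
daemon.*			@log_host
kern.*				@log_host
lpr.*				@log_host
mail.*				@log_host
user.*				@log_host
uucp.*				@log_host

#
# Logging for the mail system. Split it up so that
# it is easy to write scripts to parse these files.
#
mail.info			@log_host
mail.warn			@log_host
mail.err			@log_host

# Logging for INN news system
#
news.crit			@log_host
news.err			@log_host
news.notice			@log_host

#
# Some `catch-all' logfiles.
#
# NOTE(review): "*.*;auth,authpriv.none @log_host" above already forwards
# everything these two rules select, so each matching message is sent to the
# collector more than once. The collector sorts by its own filters; the
# per-facility and catch-all rules here can probably be dropped -- confirm.
*.=debug;\
	auth,authpriv.none;\
	news.none;mail.none	@log_host
*.=info;*.=notice;*.=warn;\
	auth,authpriv.none;\
	cron,daemon.none;\
	mail,news.none		@log_host

#
# Emergencies are sent to everybody logged in.
#
*.emerg				*

#
# I like to have messages displayed on the console, but only on a virtual
# console I usually leave idle.
#
#daemon,mail.*;\
# news.=crit;news.=err;news.=notice;\
# *.=debug;*.=info;\
# *.=notice;*.=warn /dev/tty8

# The named pipe /dev/xconsole is for the `xconsole' utility. To use it,
# you must invoke `xconsole' with the `-file' option:
#
# $ xconsole -file /dev/xconsole [...]
#
# busy site..
#
daemon.*;mail.*;\
	news.crit;news.err;news.notice;\
	*.=debug;*.=info;\
	*.=notice;*.=warn	|/dev/xconsole

# local7.debug /var/log/dhcpd.log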
Приложение С
Скрипт инициализации пакетного фильтра
/root/boot/firewall
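#!/bin/bash
#
# Packet-filter initialisation for the monitoring host: flush the chains, set a
# default-drop policy on INPUT, OUTPUT and FORWARD, then open the services the
# host offers.
#
# `<source>` is the listing's placeholder for an allowed source address or
# network and has to be replaced before the script can run. `<…>` marks
# further rules of the same form that the listing leaves out.
#
# NOTE(review): the variable name in the assignment below and the line
# continuations of the long rules were lost when the page was extracted; they
# are restored here (every rule uses $I, and a lone "ACCEPT" line would
# otherwise be run as a command).

# local variables
I="/sbin/iptables"

# just head
## clear all rules
$I -F INPUT
$I -F OUTPUT
$I -F FORWARD
$I -F POSTROUTING -t mangle
# filter is the default table, so this repeats the first flush
$I -F INPUT -t filter

## set default policy to drop all packets
$I -P INPUT DROP
$I -P OUTPUT DROP
$I -P FORWARD DROP

## allow tcp, udp packets for already established tcp, udp connections
## plus tcp, udp packets creating new tcp, udp connections
$I -A INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
$I -A INPUT -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT
# NEW is accepted for all outgoing tcp and udp, so the OUTPUT drop policy only
# affects other protocols; egress is not restricted per destination or port.
$I -A OUTPUT -p tcp -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
$I -A OUTPUT -p udp -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

## allow loopback, for applications using UNIX sockets
$I -A INPUT -i lo -j ACCEPT
$I -A OUTPUT -o lo -j ACCEPT

# Services
## allow to connect via ssh and others wants to connect my PC via ssh
$I -A INPUT -p tcp --dport 22 -j ACCEPT -s <source>
# <…>

## I want to show web face of nagios and mrtg
$I -A INPUT -p tcp --dport http -j ACCEPT -s <source>
# <…>

## Here goes OCS Inventory needs access
# matched by interface only: any address arriving on eth0.92 reaches the web
# server, including the nagios and mrtg pages restricted by source above
$I -A INPUT -p tcp --dport http -j ACCEPT -i eth0.92

## allow icmp
# every ICMP type is accepted in both directions; --icmp-type can narrow this
# to the types the monitoring checks need
$I -A INPUT -p icmp -j ACCEPT
$I -A OUTPUT -p icmp -j ACCEPT

## system logging
# UDP syslog carries no sender authentication, so this source restriction is
# the only control on who can write to the collector
$I -A INPUT -p udp --dport 514 -j ACCEPT -s <source>
# <…>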