Skip to content

Learning Nagios (NRPE for Linux boxes) – 3

October 19, 2011

Resources: Please note that I am going to follow the instructions as mentioned in the NRPE.pdf available on the nagios website.

So, we will now try to setup monitoring of a linux server using the NRPE addon.

Assuming the nagios server or the monitoring host is xxx-vm109 (sip) and the linux host to be monitored is xxx-vm066 (hip)

We need to first login as root on the 66 box and run the following commands:

useradd nagios
passwd nagios
go to /home/nagios and mkdir downloads
cd to downloads and run wget
tar xvf nagios-plugins-1.4.15.tar.gz
cd nagios-plugins-1.4.15
make install
chown nagios:nagios /usr/local/nagios
chown -R nagios:nagios /usr/local/nagios/libexec

Go back to downloads directory again and download the NRPE plugin –

tar xvf nrpe-2.12.tar.gz
cd nrpe-2.12
After this, you might get an error like this:
checking for SSL libraries… configure: error: Cannot find ssl libraries

So, for this, you basically need to install some libraries. Download the necessary rpms (RHEL5 32 bit) from here. For some of the below rpms, you have to give –replacefiles option because there will be some conflicts between the new rpms and older rpms.

rpm -iv –replacefiles e2fsprogs-libs-1.39-33.el5.i386.rpm
rpm -ivh e2fsprogs-devel-1.39-33.el5.i386.rpm
rpm -ivh keyutils-libs-devel-1.2-1.el5.i386.rpm
rpm -iv –replacefiles krb5-libs-1.6.1-62.el5.i386.rpm
rpm -ivh –replacefiles libselinux-1.33.4-5.7.el5.i386.rpm
rpm -iv –replacefiles libsepol-1.15.2-3.el5.i386.rpm
rpm -ivh libsepol-devel-1.15.2-3.el5.i386.rpm
rpm -ivh libselinux-devel-1.33.4-5.7.el5.i386.rpm
rpm -ivh krb5-devel-1.6.1-62.el5.i386.rpm
rpm -ivh zlib-devel-1.2.3-4.el5.i386.rpm
rpm -iv –replacefiles openssl-0.9.8e-20.el5.i386.rpm
rpm -ivh openssl-devel-0.9.8e-20.el5.i386.rpm

You should be good to go now.

After this, give “make all”

make install-plugin
make install-daemon
make install-daemon-config
make install-xinetd
vi /etc/xinetd.d/nrpe file and add sip as the IP address in the only_from directive
vi /etc/services and add “nrpe 5666/tcp #NRPE” to it
service xinetd restart

Then, check if its listening properly:
[root@xxx-vm066 nrpe-2.12]# netstat -at | grep nrpe
tcp 0 0 *:nrpe *:* LISTEN

Then, run
/usr/local/nagios/libexec/check_nrpe -H localhost

You might see this error: CHECK_NRPE: Error – Could not complete SSL handshake.

Well, this basically happens because you have already changed the IP address in the only_from directive above. You will notice that if you change the IP address back to and run the above command, it will give you an output as below:

[root@xxx-vm066 nrpe-2.12]# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

So, after verifying that everything is okay, please go and change back the IP address to the monitoring host again.
Also, dont forget to restart the xinetd service

OPEN THE FIREWALL RULES – contd tomorrow


From → Monitoring

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: