Team: Ilja Shustov, Sheela Raj

Group : Cyber Security Engineering (C21)

Page Created: 10 November 2016

‎Last modified: 12 November 2016

Introduction

In this article, we will cover the installation of Nagios, a very popular open source monitoring system, on Ubuntu. We will cover some basic configuration, so you will be able to monitor host resources via the web interface. We will also utilize the Nagios Remote Plugin Executor (NRPE), that will be installed as an agent on remote hosts, to monitor their local resources.

Monitoring

Server monitoring is basically a preventative measure to help you detect any issues before they cause any major issues that affect your productivity and your customer.

Server monitoring is a process of continuously scanning servers on a designated network and scans the network for any failures or any irregularities that are detected by server monitoring software.

Why monitoring is important?

Any network crashes costs time and money to fix. At a time of downtime that is already costing your business money and hurting your reputation, it will be difficult to have to fork out more cash to get things back up and running again. Server monitoring is important so that you can pick up any small issues before they evolve into anything major. Server monitoring is essential in ensuring service availability.

Nagios

Nagios is an open source computer-software application that monitors systems, networks and infrastructure. Nagios offers monitoring and alerting services for servers, switches, applications and services. It alerts users when things go wrong and alerts them a second time when the problem has been resolved.

By using Nagios, you can:

• Plan for infrastructure upgrades before outdated systems cause failures
• Respond to issues at the first sign of a problem
• Automatically fix problems when they are detected
• Coordinate technical team responses
• Ensure your organization’s SLAs are being met
• Ensure IT infrastructure outages have a minimal effect on your organization’s bottom line
• Monitor your entire infrastructure and business processes

Before You Begin

Check your current Ubuntu version & Upgrade

You can check your current ubuntu version by the following command:

lsb_release -a

If your machine is already running Ubuntu 16.04.1 LTS or higher than that, There is no need for you to upgrade the OS.

Otherwise you need to upgrade the OS by the following command:

sudo apt-get update && sudo apt-get upgrade

Note: This article is written for a non-root user. Commands that require elevated privileges are prefixed with sudo. If you’re not familiar with the sudo command, you can check the Users and Groups guide.

Install the required package

As a prerequisite, Nagios requires the gcc compiler and build-essentials for the compilation, LAMP (Apache, PHP, MySQL) for the Nagios web interface and Sendmail to send alerts from the server.

To install all those packages, run the following command (it's just 1 line):

sudo apt-get install wget build-essential apache2 php apache2-mod-php7.0 php-gd libgd-dev sendmail unzip

Create Users and Groups

Create a user nagios, and a distinct group nagcmd.

Add nagios and the Apache user www-data, to the nagcmd group in order to run external commands on Nagios through the web interface

Use the following command to create:

To create user:

sudo useradd nagios

To create group:

sudo groupadd nagcmd

To add user to the group:

sudo usermod -a -G nagcmd nagios && sudo usermod -a -G nagcmd www-data

Installing Nagios

Download and extract Nagios

In your web browser, go to the Nagios Core DIY download page.It will ask you to register, If you prefer not to register for updates, click Skip to download.

Under Nagios Core, find the release that says Latest stable release under Notes, then copy the download link to your clipboard.

Now using wget and tar, download the Nagios and extract it.

To download, paste the copied link after wget:

wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.2.0.tar.gz

Command to extract:

tar -xzf nagios*.tar.gz

Now move to the newly created directory, by using the following command:

cd nagios-4.2.0

Compile Nagios

Before you build Nagios, you will have to configure it with the user and the group you have created earlier.

command to configure:

./configure --with-nagios-group=nagios --with-command-group=nagcmd

For more information please use: ./configure --help

Now compile Nagios with this command:

make all

To install Nagios

Now we can run these make commands to install Nagios, init scripts, and sample configuration files:

sudo make install

sudo make install-commandmode

sudo make install-init

sudo make install-config

/usr/bin/install -c -m 644 sample-config/httpd.conf /etc/apache2/sites-available/nagios.conf

And copy evenhandler directory to the nagios directory:

sudo cp -R contrib/eventhandlers/ /usr/local/nagios/libexec/

sudo chown -R nagios:nagios /usr/local/nagios/libexec/eventhandlers

Nagios Plugins

Nagios Plugins allow you to monitor services like DHCP, FTP, HTTP and NTP.

Download and extract the Nagios plugins

To use Nagios Plugins, go to Nagios Plugins downloads page and copy the download link for the current stable release.

Now using wget and tar, download and extract Nagios plugin.

Use the following command to move back into user's home directory:

cd ~

To download, paste the copied link after wget:

wget https://nagios-plugins.org/download/nagios-plugins-2.1.2.tar.gz

Command to extract:

tar -xzf nagios-plugins*.tar.gz

Now Change to the newly created directory by the following command:

cd nagios-plugins-2.1.2/

Install Nagios plugins

Install the Nagios plugin's with the following commands:

./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl

make

sudo make install

Configure Nagios

Now let's perform the initial Nagios configuration.

Organize Nagios Configuration

Open the main Nagios configuration file in your favorite text editor(vim/nano).

We'll use nano to edit the file:

sudo nano /usr/local/nagios/etc/nagios.cfg

Now find and uncomment the following line by deleting the #:

#cfg_dir=/usr/local/nagios/etc/servers

Save and exit.

Now create the directory named servers that will store the configuration file for each server that you will monitor:

sudo mkdir /usr/local/nagios/etc/servers

Change the user and group for the new folder to nagios:

sudo chown nagios:nagios /usr/local/nagios/etc/servers

Configure Nagios Contacts

Open the Nagios contacts configuration in your favorite text editor(nano/vim).

We'll use nano to edit the file:

sudo nano /usr/local/nagios/etc/objects/contacts.cfg

Find the email directive, and replace its value with your own email address

Save and exit.

Configuring Apache

Enable Apache modules

Make sure Apache has mod_rewrite and mod_cgi enabled

Enable the Apache rewrite and cgi modules by the following command:

sudo a2enmod rewrite && sudo a2enmod cgi

You can use the htpasswd command to configure a user nagiosadmin for the nagios web interface

sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

and type your password.

Enable the Nagios virtualhost

You can enable Nagios Virtualhost by the following command:

sudo ln -s /etc/apache2/sites-available/nagios.conf /etc/apache2/sites-enabled/

Start Apache and Nagios

Start the Apache and Nagios by the following command:

sudo service apache2 restart

sudo service nagios start

When Nagios starts, you may see the following error :

Starting nagios (via systemctl): nagios.serviceFailed

And you can fix it by:

cd /etc/init.d/

sudo cp /etc/init.d/skeleton /etc/init.d/nagios

Now edit the Nagios file by the following command:

sudo nano /etc/init.d/nagios

And add the following code:

DESC="Nagios"

NAME=nagios

DAEMON=/usr/local/nagios/bin/$NAME

DAEMON_ARGS="-d /usr/local/nagios/etc/nagios.cfg"

PIDFILE=/usr/local/nagios/var/$NAME.lock

Make it executable, restart apache2 and start Nagios:

sudo chmod +x /etc/init.d/nagios

sudo service apache2 restart

sudo servuce nagios start

Testing the Nagios Server

Open your favorite web browser, and go to your Nagios server (substitute the IP address or hostname)

(in my case: http://192.168.56.200/nagios).

Because we configured Apache to use htpasswd, you must enter the login credentials that you created earlier.

We used "nagiosadmin" as the username:

After authenticating, you will be see the default Nagios home page:

In the Homepage, click on the Hosts link, in the left navigation bar, to see which hosts Nagios is monitoring:

As you can see, Nagios is monitoring only "localhost", or itself.

Let's monitor another host with Nagios!

Adding a Host to Monitor

In this section, you can see how to add a ubuntu host to Nagios server, so it will be monitored.

Note: Here replace the IP with your Nagios server IP and Ubuntu Host IP

In my case:

Nagios Server IP : 192.168.56.200

Ubuntu Host IP : 192.168.56.100

Connect to ubuntu host

You can connect to Ubuntu host by using ssh

If you are not familiar with ssh use this Beginner’s Guide To Setting Up SSH On Linux

ssh student@192.168.56.100

Install NRPE Service

Now install Nagios Plugins and NRPE by following command:

sudo apt-get install nagios-nrpe-server nagios-plugins

Configure NRPE

Now, let's update the NRPE configuration file.

Open it in your favorite editor (we're using nano):

sudo nano /etc/nagios/nrpe.cfg

Find the server_address directive, and add the private IP address of your Nagios server

In my case:

server_address=192.168.56.200

Save and exit.

Restart NRPE

Restart NRPE by following command:

sudo service nagios-nrpe-server restart

Add Ubuntu Host to Nagios Server

connect to the Nagios server:

ssh student@192.168.56.200

Then create a new file for the host configuration in /usr/local/nagios/etc/servers/.

sudo nano /usr/local/nagios/etc/servers/ubuntu_host.cfg

Add the following lines:

# Ubuntu Host configuration file

define host {
        use                          linux-server
        host_name                    ubuntu_host
        alias                        Ubuntu Host
        address                      192.168.1.100
        register                     1
}

define service {
      host_name                       ubuntu_host
      service_description             PING
      check_command                   check_ping!100.0,20%!500.0,60%
      max_check_attempts              2
      check_interval                  2
      retry_interval                  2
      check_period                    24x7
      check_freshness                 1
      contact_groups                  admins
      notification_interval           2
      notification_period             24x7
      notifications_enabled           1
      register                        1
}

define service {
      host_name                       ubuntu_host
      service_description             Check Users
      check_command           check_local_users!20!50
      max_check_attempts              2
      check_interval                  2
      retry_interval                  2
      check_period                    24x7
      check_freshness                 1
      contact_groups                  admins
      notification_interval           2
      notification_period             24x7
      notifications_enabled           1
      register                        1
}

define service {
      host_name                       ubuntu_host
      service_description             Local Disk
      check_command                   check_local_disk!20%!10%!/
      max_check_attempts              2
      check_interval                  2
      retry_interval                  2
      check_period                    24x7
      check_freshness                 1
      contact_groups                  admins
      notification_interval           2
      notification_period             24x7
      notifications_enabled           1
      register                        1
}

define service {
      host_name                       ubuntu_host
      service_description             Check SSH
      check_command                   check_ssh
      max_check_attempts              2
      check_interval                  2
      retry_interval                  2
      check_period                    24x7
      check_freshness                 1
      contact_groups                  admins
      notification_interval           2
      notification_period             24x7
      notifications_enabled           1
      register                        1
}

define service {
      host_name                       ubuntu_host
      service_description             Total Process
      check_command                   check_local_procs!250!400!RSZDT
      max_check_attempts              2
      check_interval                  2
      retry_interval                  2
      check_period                    24x7
      check_freshness                 1
      contact_groups                  admins
      notification_interval           2
      notification_period             24x7
      notifications_enabled           1
      register                        1
}

You can find many check_command in /usr/local/nagios/etc/objects/commands.cfg file. See there if you want to add more services like DHCP, POP etc.

And now check the configuration:

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

... to see if the configuration is correct.

Restart all services

On the Ubuntu Host start NRPE Service:

sudo service nagios-nrpe-server restart

And on the Nagios server, start Apache and Nagios:

sudo service apache2 restart

sudo service nagios restart

Testing the Ubuntu Host

Open the Nagios server from the browser and see the ubuntu_host being monitored.

The Ubuntu host is available on monitored host.

All services monitored without error.

Summary

Nagios is an open application for systems monitoring. It has several advantages, but main of them are:

• Easy to install and configure
• Easy to to use
• Supports extensions and plugins

Reference

1- Nagios Installation

2- Nagios tutorial

3- Install Nagios and monitor your servers on ubuntu

4- Nagios in 30 minutes and jumpstart your monitoring

5- Nagios Plugins

6- Introduction Monitoring

7- Introduction Nagios