Monitoring Nagios

From ICO wiki
Revision as of 00:07, 11 November 2016 by Ssumathi (talk | contribs)
Jump to navigationJump to search

Team: Sheela Raj, Ilja Shustov

Group : Cyber Security Engineering (C21)

Page Created: 10 November 2016

‎Last modified:

Introduction

In this article, we will cover the installation of Nagios, a very popular open source monitoring system, on Ubuntu. We will cover some basic configuration, so you will be able to monitor host resources via the web interface. We will also utilize the Nagios Remote Plugin Executor (NRPE), that will be installed as an agent on remote hosts, to monitor their local resources.

Monitoring

Before You Begin

Check your current Ubuntu version & Upgrade

You can check your current ubuntu version by the following command:

lsb_release -a

If your machine is already running Ubuntu 16.04.1 LTS or higher than that, There is no need for you to upgrade the OS.

Otherwise you need to upgrade the OS by the following command:

sudo apt-get update && sudo apt-get upgrade

Note: This article is written for a non-root user. Commands that require elevated privileges are prefixed with sudo. If you’re not familiar with the sudo command, you can check the Users and Groups guide.

Install the required package

As a prerequisite, Nagios requires the gcc compiler and build-essentials for the compilation, LAMP (Apache, PHP, MySQL) for the Nagios web interface and Sendmail to send alerts from the server.

To install all those packages, run the following command (it's just 1 line):

sudo apt-get install wget build-essential apache2 php apache2-mod-php7.0 php-gd libgd-dev sendmail unzip

Create Users and Groups

Create a user nagios, and a distinct group nagcmd.

Add nagios and the Apache user www-data, to the nagcmd group in order to run external commands on Nagios through the web interface

Use the following command to create:

To create user:

sudo useradd nagios

To create group:

sudo groupadd nagcmd

To add user to the group:

sudo usermod -a -G nagcmd nagios && sudo usermod -a -G nagcmd www-data

Installing Nagios

Download and extract Nagios

In your web browser, go to the Nagios Core DIY download page.It will ask you to register, If you prefer not to register for updates, click Skip to download.

Under Nagios Core, find the release that says Latest stable release under Notes, then copy the download link to your clipboard.

Now using wget and tar, download the Nagios and extract it.

To download, paste the copied link after wget:

wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.2.0.tar.gz

Command to extract:

tar -xzf nagios*.tar.gz

Now move to the newly created directory, by using the following command:

cd nagios-4.2.0

Compile Nagios

Before you build Nagios, you will have to configure it with the user and the group you have created earlier.

command to configure:

./configure --with-nagios-group=nagios --with-command-group=nagcmd

For more information please use: ./configure --help

Now compile Nagios with this command:

make all

To install Nagios

Now we can run these make commands to install Nagios, init scripts, and sample configuration files:

sudo make install

sudo make install-commandmode

sudo make install-init

sudo make install-config

/usr/bin/install -c -m 644 sample-config/httpd.conf /etc/apache2/sites-available/nagios.conf

And copy evenhandler directory to the nagios directory:

sudo cp -R contrib/eventhandlers/ /usr/local/nagios/libexec/

sudo chown -R nagios:nagios /usr/local/nagios/libexec/eventhandlers

Nagios Plugins

Nagios Plugins allow you to monitor services like DHCP, FTP, HTTP and NTP.

Download and extract the Nagios plugins

To use Nagios Plugins, go to Nagios Plugins downloads page and copy the download link for the current stable release.

Now using wget and tar, download and extract Nagios plugin.

Use the following command to move back into user's home directory:

cd ~

To download, paste the copied link after wget:

wget https://nagios-plugins.org/download/nagios-plugins-2.1.2.tar.gz

Command to extract:

tar -xzf nagios-plugins*.tar.gz

Now Change to the newly created directory by the following command:

cd nagios-plugins-2.1.2/

Install Nagios plugins

Install the Nagios plugin's with the following commands:

./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl

make

sudo make install

Configure Nagios

Now let's perform the initial Nagios configuration.

Organize Nagios Configuration

Open the main Nagios configuration file in your favorite text editor(vim/nano).

We'll use nano to edit the file:

sudo nano /usr/local/nagios/etc/nagios.cfg

Now find and uncomment the following line by deleting the #:

#cfg_dir=/usr/local/nagios/etc/servers

Save and exit.

Now create the directory named servers that will store the configuration file for each server that you will monitor:

sudo mkdir /usr/local/nagios/etc/servers

Change the user and group for the new folder to nagios:

sudo chown nagios:nagios /usr/local/nagios/etc/servers

Nagios Email

Configure Nagios Contacts

Open the Nagios contacts configuration in your favorite text editor(nano/vim).

We'll use nano to edit the file:

sudo nano /usr/local/nagios/etc/objects/contacts.cfg

Find the email directive, and replace its value with your own email address

Save and exit.

Configuring Apache

Enable Apache modules

Make sure Apache has mod_rewrite and mod_cgi enabled

Enable the Apache rewrite and cgi modules by the following command:

sudo a2enmod rewrite && sudo a2enmod cgi

You can use the htpasswd command to configure a user nagiosadmin for the nagios web interface

sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

and type your password.

Enable the Nagios virtualhost

You can enable Nagios Virtualhost by the following command:

sudo ln -s /etc/apache2/sites-available/nagios.conf /etc/apache2/sites-enabled/

Start Apache and Nagios

Start the Apache and Nagios by the following command:

sudo service apache2 restart

sudo service nagios start

When Nagios starts, you may see the following error :

Starting nagios (via systemctl): nagios.serviceFailed

And you can fix it by:

cd /etc/init.d/

sudo cp /etc/init.d/skeleton /etc/init.d/nagios

Now edit the Nagios file by the following command:

sudo nano /etc/init.d/nagios

And add the following code:

DESC="Nagios"

NAME=nagios

DAEMON=/usr/local/nagios/bin/$NAME

DAEMON_ARGS="-d /usr/local/nagios/etc/nagios.cfg"

PIDFILE=/usr/local/nagios/var/$NAME.lock

Make it executable, restart apache2 and start Nagios:

sudo chmod +x /etc/init.d/nagios

sudo service apache2 restart

sudo servuce nagios start

Testing the Nagios Server

Open your favorite web browser, and go to your Nagios server (substitute the IP address or hostname)

(in my case: http://192.168.56.200/nagios).

Because we configured Apache to use htpasswd, you must enter the login credentials that you created earlier.

We used "nagiosadmin" as the username:

Nagios Authentication page

After authenticating, you will be see the default Nagios home page:

Nagios Homepage

In the Homepage, click on the Hosts link, in the left navigation bar, to see which hosts Nagios is monitoring:

Nagios Hostpage

As you can see, Nagios is monitoring only "localhost", or itself.

Let's monitor another host with Nagios!

Adding a Host to Monitor

In this section, you can see how to add a ubuntu host to Nagios server, so it will be monitored.

Note: Here replace the IP with your Nagios server IP and Ubuntu Host IP

In my case:

Nagios Server IP : 192.168.56.200

Ubuntu Host IP : 192.168.56.100

Connect to ubuntu host

You can connect to Ubuntu host by using ssh

If you are not familiar with ssh use this Beginner’s Guide To Setting Up SSH On Linux