NRPE in the Enterpriseīy default, NRPE is configured to monitor basic system metrics.
The NRPE documentation is quite good and from this point on we assume that you have an NRPE daemon running on a remote server and we assume that check_nrpe has been compiled and installed on your Nagios server using the default settings.
#Nagios windows monitor install
Install the OpenSSL libraries on the Nagios server to allow the check_nrpe plugin to communicate with remote NRPE clients using TLS / SSL. To install NRPE, you will need both the Nagios plug-ins and OpenSSL installed on the Nagios server. NRPE allows the Nagios server to run Nagios plug-ins on a managed client. We highly recommend that you do not enable this mode of NRPE. If NRPE is allowed to run in this mode it essentially acts as a remote shell for any server that can connect to the NRPE client. If NRPE is run with the configuration parameter dont_blame_nrpe set to 1, it will allow remote clients to send arbitrary command arguments to the NRPE daemon. On the DMZ Web server, tcp_wrappers should be configured to only accept NRPE connections from the internal Nagios server or firewall IP address (if NAT is in use) on TCP port 5666. 3Īll traffic between the Nagios server and Web server is encrypted using TLS (SSL) encryption. 2Ĭonnections initiated from the DMZ Web server to the internal network are not permitted. These proxy devices (SG410, 510, and 810) provide a set of SNMP MIBs that include HTTP status distribution, CPU, memory, and disk utilization, proxy activity, and Web server utilization.Ĭreate a firewall ACL that allows the Nagios host to communicate with the DMZ host over TCP port 5666, which is the default port the NRPE client uses to listen for incoming connections requests. In this book you will find several examples of Bluecoat plugins that use SNMP to poll Bluecoat devices for a variety of basic metrics, including CPU and memory utilization. Monitoring for the Load balancers and Bluecoat proxy servers would be approached by employing plug-ins. Nagios monitoring server (check_nrpe) -> Nagios client (NRPE)-> check_command on monitored hosts.
Keep in mind that a single NRPE client should be installed onto the DNS, mail, and Web servers to collect basic server metrics (see Table 8.5), by calling check commands such as check_load or check_disk on the remote server hosts. The Nagios monitoring server performs active checks by executing commands on remote monitored server hosts via NRPE. After OpenSSL is installed, the check_nrpe plugin will be able to communicate with the NRPE client using SSL. Any Nagios check plugin installed on the managed Nagios client can be executed from the Nagios server using the check_nrpe plugin from the Nagios server.Each NRPE client must have any required Nagios check plugins installed on it and must have SSL installed as well before NRPE can be used on it. NRPE allows the Nagios monitoring server to run any normal Nagios plug-ins on a managed server and collect the results as if the plugin were run on the Nagios server itself. Max Schubert, in Nagios 3 Enterprise Network Monitoring, 2008 NRPE and ACME Enterprises