nagios ALL=(root) NOPASSWD: /etc/init.d/ssh restart
#Zakomentować! #Defaults requiretty nrpe ALL=(root) NOPASSWD:/usr/local/bin/smart.sh "", /usr/lib/nagios/plugins/check_mailq, /usr/local/bin/check_updates_yum
[modules] ;# NSCLIENT++ MODULES ;# A list with DLLs to load at startup. ; You will need to enable some of these for NSClient++ to work. ; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ; * * ; * N O T I C E ! ! ! - Y O U H A V E T O E D I T T H I S * ; * * ; ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! FileLogger.dll CheckSystem.dll CheckDisk.dll NSClientListener.dll NRPEListener.dll SysTray.dll CheckEventLog.dll CheckHelpers.dll CheckWMI.dll ; Script to check external scripts and/or internal aliases. CheckExternalScripts.dll ; ; NSCA Agent if you enable this NSClient++ will talk to NSCA hosts repeatedly (so dont enable unless you want to use NSCA) NSCAAgent.dll ; ; LUA script module used to write your own "check deamon". ;LUAScript.dll ; ; RemoteConfiguration IS AN EXTREM EARLY IDEA SO DONT USE FOR PRODUCTION ENVIROMNEMTS! ;RemoteConfiguration.dll ; Check other hosts through NRPE extreme beta and probably a bit dangerous! :) ;NRPEClient.dll ; Extreamly early beta of a task-schedule checker ;CheckTaskSched.dll [Settings] ;# OBFUSCATED PASSWORD ; This is the same as the password option but here you can store the password in an obfuscated manner. ; *NOTICE* obfuscation is *NOT* the same as encryption, someone with access to this file can still figure out the ; password. Its just a bit harder to do it at first glance. ;obfuscated_password=Jw0KAUUdXlAAUwASDAAB ; ;# PASSWORD ; This is the password (-s) that is required to access NSClient remotely. If you leave this blank everyone will be able to access the daemon remotly. ;password=secret-password ; ;# ALLOWED HOST ADDRESSES ; This is a comma-delimited list of IP address of hosts that are allowed to talk to the all daemons. ; If leave this blank anyone can access the deamon remotly (NSClient still requires a valid password). ; The syntax is host or ip/mask so 192.168.0.0/24 will allow anyone on that subnet access ;allowed_hosts=127.0.0.1/32 ; ;# USE THIS FILE ; Use the INI file as opposed to the registry if this is 0 and the use_reg in the registry is set to 1 ; the registry will be used instead. use_file=1 allowed_hosts=10.0.2.26 ; ; # USE SHARED MEMORY CHANNELS ; This is the "new" way for using the system tray based on an IPC framework on top shared memmory channels and events. ; It is brand new and (probably has bugs) so dont enable this unless for testing! ; If set to 1 shared channels will be created and system tray icons created and such and such... ;shared_session=0 [log] ;# LOG DEBUG ; Set to 1 if you want debug message printed in the log file (debug messages are always printed to stdout when run with -test) ;debug=1 ; ;# LOG FILE ; The file to print log statements to ;file=nsclient.log ; ;# LOG DATE MASK ; The format to for the date/time part of the log entry written to file. ;date_mask=%Y-%m-%d %H:%M:%S ; ;# LOG ROOT FOLDER ; The root folder to use for logging. ; exe = the folder where the executable is located ; local-app-data = local application data (probably a better choice then the old default) ;root_folder=exe [NSClient] ;# ALLOWED HOST ADDRESSES ; This is a comma-delimited list of IP address of hosts that are allowed to talk to NSClient deamon. ; If you leave this blank the global version will be used instead. ;allowed_hosts= ; ;# NSCLIENT PORT NUMBER ; This is the port the NSClientListener.dll will listen to. ;port=12489 ; ;# BIND TO ADDRESS ; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname. ; Leaving this blank will bind to all avalible IP adresses. ;bind_to_address= ; ;# SOCKET TIMEOUT ; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out. ;socket_timeout=30 [NRPE] ;# NRPE PORT NUMBER ; This is the port the NRPEListener.dll will listen to. ;port=5666 ; ;# COMMAND TIMEOUT ; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing before killing them off. ;command_timeout=60 ; ;# COMMAND ARGUMENT PROCESSING ; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed. ;allow_arguments=0 ; ;# COMMAND ALLOW NASTY META CHARS ; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. ;allow_nasty_meta_chars=0 ; ;# USE SSL SOCKET ; This option controls if SSL should be used on the socket. ;use_ssl=1 ; ;# BIND TO ADDRESS ; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname. ; Leaving this blank will bind to all avalible IP adresses. ; bind_to_address= ; ;# ALLOWED HOST ADDRESSES ; This is a comma-delimited list of IP address of hosts that are allowed to talk to NRPE deamon. ; If you leave this blank the global version will be used instead. ;allowed_hosts= ; ;# SCRIPT DIRECTORY ; All files in this directory will become check commands. ; *WARNING* This is undoubtedly dangerous so use with care! ;script_dir=scripts\ ; ;# SOCKET TIMEOUT ; Timeout when reading packets on incoming sockets. If the data has not arrived withint this time we will bail out. ;socket_timeout=30 [Check System] ;# CPU BUFFER SIZE ; Can be anything ranging from 1s (for 1 second) to 10w for 10 weeks. Notice that a larger buffer will waste memory ; so don't use a larger buffer then you need (ie. the longest check you do +1). ;CPUBufferSize=1h ; ;# CHECK RESOLUTION ; The resolution to check values (currently only CPU). ; The value is entered in 1/10:th of a second and the default is 10 (which means ones every second) ;CheckResolution=10 ; ;# CHECK ALL SERVICES ; Configure how to check services when a CheckAll is performed. ; ...=started means services in that class *has* to be running. ; ...=stopped means services in that class has to be stopped. ; ...=ignored means services in this class will be ignored. ;check_all_services[SERVICE_BOOT_START]=ignored ;check_all_services[SERVICE_SYSTEM_START]=ignored ;check_all_services[SERVICE_AUTO_START]=started ;check_all_services[SERVICE_DEMAND_START]=ignored ;check_all_services[SERVICE_DISABLED]=stopped [External Script] ;# COMMAND TIMEOUT ; This specifies the maximum number of seconds that the NRPE daemon will allow plug-ins to finish executing before killing them off. ;command_timeout=60 ; ;# COMMAND ARGUMENT PROCESSING ; This option determines whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed. ;allow_arguments=0 ; ;# COMMAND ALLOW NASTY META CHARS ; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. ;allow_nasty_meta_chars=0 ; ;# COMMAND ALLOW NASTY META CHARS ; This option determines whether or not the NRPE daemon will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments. ;script_dir=c:\my\script\dir [External Scripts] ;check_es_long=scripts\long.bat ;check_es_ok=scripts\ok.bat ;check_es_nok=scripts\nok.bat ;check_vbs_sample=cscript.exe //T:30 //NoLogo scripts\check_vb.vbs ;check_powershell_warn=cmd /c echo scripts\powershell.ps1 | powershell.exe -command - [External Alias] alias_cpu=checkCPU warn=80 crit=90 time=5m time=1m time=30s alias_cpu_ex=checkCPU warn=$ARG1$ crit=$ARG2$ time=5m time=1m time=30s alias_disk=CheckDriveSize MinWarn=10% MinCrit=5% CheckAll FilterType=FIXED alias_service=checkServiceState CheckAll alias_process=checkProcState $ARG1$=started alias_mem=checkMem MaxWarn=80% MaxCrit=90% ShowAll type=physical alias_up=checkUpTime MinWarn=1d MinWarn=1h alias_file_age=checkFile2 filter=out "file=$ARG1$" filter-written=>1d MaxWarn=1 MaxCrit=1 "syntax=%filename% %write%" alias_file_size=checkFile2 filter=out "file=$ARG1$" filter-size=>$ARG2$ MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%" alias_file_size_in_dir=checkFile2 filter=out pattern=*.txt "file=$ARG1$" filter-size=>$ARG2$ MaxWarn=1 MaxCrit=1 "syntax=%filename% %size%" alias_event_log=CheckEventLog file=application file=system filter=new filter=out MaxWarn=1 MaxCrit=1 filter-generated=>2d filter-severity==success filter-severity==informational truncate=1023 unique descriptions "syntax=%severity%: %source%: %message% (%count%)" alias_event_log2=CheckEventLog file=application file=system filter=new filter=in MaxWarn=1 MaxCrit=1 filter+generated=<2d "filter+eventSource==Service Control Manager" filter+severity==error truncate=1023 unique descriptions "syntax=%severity%: %source%: %message% (%count%)" check_ok=CheckOK Everything is fine! ; [includes] ;# The order when used is "reversed" thus the last included file will be "first" ;# Included files can include other files (be carefull only do basic recursive checking) ; ; myotherfile.ini ; real.ini [NSCA Agent] ;# CHECK INTERVALL (in seconds) ; How often we should run the checks and submit the results. interval=60 ; ;# ENCRYPTION METHOD ; This option determines the method by which the send_nsca client will encrypt the packets it sends ; to the nsca daemon. The encryption method you choose will be a balance between security and ; performance, as strong encryption methods consume more processor resources. ; You should evaluate your security needs when choosing an encryption method. ; ; Note: The encryption method you specify here must match the decryption method the nsca daemon uses ; (as specified in the nsca.cfg file)!! ; Values: ; 0 = None (Do NOT use this option) ; 1 = Simple XOR (No security, just obfuscation, but very fast) ; 2 = DES ; 3 = 3DES (Triple DES) ; 4 = CAST-128 ; 6 = xTEA ; 8 = BLOWFISH ; 9 = TWOFISH ; 11 = RC2 ; 14 = RIJNDAEL-128 (AES) ; 20 = SERPENT encryption_method=14 ; ;# ENCRYPTION PASSWORD ; This is the password/passphrase that should be used to encrypt the sent packets. password=a6d8318d56fdb1b68228de7ca91b05a1 ; ;# BIND TO ADDRESS ; Allows you to bind server to a specific local address. This has to be a dotted ip adress not a hostname. ; Leaving this blank will bind to "one" local interface. ; -- not supported as of now -- ;bind_to_address= ; ;# LOCAL HOST NAME ; The name of this host (if empty "computername" will be used. hostname=WinXP ; ;# NAGIOS SERVER ADDRESS ; The address to the nagios server to submit results to. nsca_host=10.0.2.26 ; ;# NAGIOS SERVER PORT ; The port to the nagios server to submit results to. nsca_port=5667 ; ;# CHECK COMMAND LIST ; The checks to run everytime we submit results back to nagios ; Any command(alias/key) starting with a host_ is sent as HOST_COMMAND others are sent as SERVICE_COMMANDS ; where the alias/key is used as service name. ; [NSCA Commands] ;my_cpu_check=checkCPU warn=80 crit=90 time=20m time=10s time=4 my_mem_check=checkMem MaxWarn=80% MaxCrit=90% ShowAll type=page ;my_svc_check=checkServiceState CheckAll exclude=wampmysqld exclude=MpfService ;host_check=check_ok ;# REMOTE NRPE PROXY COMMANDS ; A list of commands that check other hosts. ; Used by the NRPECLient module [NRPE Client Handlers] check_other=-H 192.168.0.1 -p 5666 -c remote_command -a arguments ;# LUA SCRIPT SECTION ; A list of all Lua scripts to load. ;[LUA Scripts] ;scripts\test.lua
Automatyczne generowanie komunikatów (komentarzy).
echo "[`date +%s`] ADD_SVC_COMMENT;localhost;PORT 8000;1;admin;Inny komunikat numer 2" > /var/lib/nagios3/rw/nagios.cmd
Różne rzeczy do zrobienia z Windowsem zdlanie. Stan usługi
net -I 10.0.2.6 -U kurs%kurs rpc service status NSClientpp
Wyłączenie maszyny.
net -I 10.0.2.6 -U kurs%kurs rpc shutdown -C "bo tak"