Network Monitoring - How to Setup Naemon Networking Monitoring Tool in Linux

How to Setup Naemon Networking Monitoring Tool in Linux

Naemon is an Open Source system and network monitoring application which watches hosts and other services that you specify, alerts you when things go bad and notifies you when they get better. Naemon is based on Nagios 4.0.2 and aims to be a drop in replacement for Nagios. Naemon Suite is currently roughly equivalent to Nagios Core, which makes Naemon Core the equivalent of "Nagios Core Core". Naemon is the general term of the entire "Naemon Suite" that consists of two different parts, Naemon Core and the Thruk Monitoring web interface. We will generally refer to naemon Suite as just Naemon. In this article, we will install naemon in centos 7 and ubuntu 16.04 and explore its usage in Centos via NPRE.

Features of Naemon

→ Monitoring of network services  like SMTP, POP3, HTTP, NNTP, PING, FTP etc.)
→ Monitoring of host resources (processor load, disk usage, memory usage etc.)
→ Simple plugin design that allows users to easily develop their own custom service checks.
→ Parallelized service checks.
→ Thruk Monitoring web interface to edit settings and view current network status, problem history, log files, reports, dashboards, business processes, etc.
→ Ability to define network host hierarchy using "parent" hosts, allowing detection of and distinction between hosts that are down and those that are unreachable.
→ Contact notifications when service or host problems occur and get resolved (via email, pager, or user-defined method).
→ Ability to define event handlers to be run during service or host events for proactive problem resolution.
→ Automatic log file rotation.
→ Support for implementing redundant monitoring hosts.

Components

Naemon has four components, they are Naemon core, Livestatus, Thruk and Plugins.
Naemon Core: The naemon core is the process that does the actual monitoring of your system.
Livestatus: Livestatus is an interface that your tools can use to query the Naemon core like a database.
Thruk: Thruk is the web UI shipped with the Naemon Suite.
Plugins: Naemon runs these plugins to determine the current status of hosts and services on your network. There are well maintained collection of plugins available in Monitoring Plugins Project.

Install Naemon in Ubuntu 16

To install naemon in Ubuntu 16, we first need to install its dependencies. Install naemon dependencies by executing following command in the terminal.
# sudo apt-get install bsd-mailx apache2 apache2-utils libapache2-mod-fcgid libfontconfig1 libjpeg62 libgd3 libxpm4 xvfb libmysqlclient20
Add Consol Labs repository to apt database.
# gpg --keyserver keys.gnupg.net --recv-keys F8C1CA08A57B9ED7
# gpg --armor --export F8C1CA08A57B9ED7 | apt-key add -
# echo "deb http://labs.consol.de/repo/stable/ubuntu $(lsb_release -cs) main" > /etc/apt/sources.list.d/labs-consol-stable.list
Now update apt database.
# sudo apt-get update
Install Naemon, Nagios-plugin will get install along with naemon.
# sudo apt-get install naemon
Change path to Nagios plugins
# sudo vi /etc/naemon/resource.cfg
find $USER1$=/usr/lib/naemon/plugins  and replace it with $USER1$=/usr/lib/nagios/plugins
Change default password for Thruk web UI using following command.
# htpasswd /etc/thruk/htpasswd thrukadmin
New password:
Re-type new password:
Updating password for user thrukadmin
Restart Apache and Naemon
# sudo service naemon restart
# sudo service apache2 restart
You can now access Naemon web UI by pointing your favorite browser to http://SERVER-IP/naemon.
Naemon login page
Login by using username as thrukadmin and password that you have created in earlier step.
Thruk monitoring interface

Install Naemon in CentOS 7

Add consol lab repository to yum database
# rpm -Uvh "https://labs.consol.de/repo/stable/rhel7/i386/labs-consol-stable.rhel7.noarch.rpm"
Install naemon
# yum install naemon*
Disable SELINUX and make it persistent.
# setenforce 0
# vi /etc/selinux/config
Now edit row: "SELINUX=enforcing" and replace with: "SELINUX=disabled"
For nagios plugin, install EPEL repository. Next install nagios plugins and nrpe
# yum install epel-release
# yum install nagios-plugins nagios-plugins-all nagios-plugins-nrpe nrpe
Enable apache and naemon
# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
# systemctl enable naemon
Created symlink from /etc/systemd/system/multi-user.target.wants/naemon.service to /usr/lib/systemd/system/naemon.service.
Start Apache and naemon
# systemctl start httpd
# systemctl start naemon
Enable thruk during system startup
# systemctl enable thruk
thruk.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig thruk on
Start thruk
# service thruk start
Starting thruk.....( 11192) OK
Change default password for Thruk web UI using following command.
# htpasswd /etc/thruk/htpasswd thrukadmin
New password:
Re-type new password:
Updating password for user thrukadmin
You can now access Naemon web UI by pointing your favorite browser to http://SERVER-IP/naemon.
Now that we have a naemon server running in a network, we want to add a remote linux host for monitoring through naemon server. For that we need to install nagios plugin and Nagios Remote Plugin Executer i.e nrpe in the remote system/client. Nagios plugin allows naemon server to remotely execute plugins on remote Linux/Unix host. Our setup looks like below-

 IP Address Hostname
Naemon Server ( CentOS 7)
 10.0.0.55 naemon-server
Remote Host/Client ( CentOS 7)
 10.0.0.38 node01

Configure Remote CentOS 7 host/client (10.0.0.38)

First update your remote host/client
# yum update
Install EPEL repository.
# yum install epel-release
Next install nagios-plugins, openssl and nrpe
# yum install nrpe nagios-plugins-all openssl
List all the nagios plugins available.
# ls -l /usr/lib64/nagios/plugins/
Change into nagios configuration directory and edit nrpe.cfg. Add naemon server's IP to allowed_hosts, specify server_port of your choice, command_timeout set to 60 and connection_timeout set to 300. The rest of the configuration values remain same.
# cd /etc/nagios/
# vi nrpe.cfg
log_facility=daemon
pid_file=/var/run/nrpe/nrpe.pid
server_port=5666
#server_address=127.0.0.1
nrpe_user=nrpe
nrpe_group=nrpe
allowed_hosts=127.0.0.1,10.0.0.55
dont_blame_nrpe=0
allow_bash_command_substitution=0
# command_prefix=/usr/bin/sudo
debug=1
command_timeout=60
connection_timeout=300
#allow_weak_random_seed=1
#include=<somefile.cfg>
command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200
#command[check_users]=/usr/lib64/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
#command[check_load]=/usr/lib64/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
#command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
include_dir=/etc/nrpe.d/
Restart NPRE
# systemctl start nrpe
using netstat, find out whether npre is listening on port 5666
# netstat -pltn
Allow firewall to allow traffic to port 5666
For firewalld users
# firewall-cmd --permanent --add-port=5666/tcp
# firewall-cmd --reload
For IPTABLE users
# iptables -A INPUT -p tcp -m tcp --dport 5666 -j ACCEPT
# service iptables save
# service iptables restart
NPRE will now able to accept request from the naemon server to execute commands and send the results to it.

Configure Naemon server (10.0.0.55)

We have already installed naemon server in step 1. Let us now define configuration for host, service and commands in the server. Check the templates for host, services inside /etc/naemon/conf.d/templates directory. You can create configuration file for host, service separately when your number of monitoring instances grows. For this tutorial, we are keeping the host and service configuration in the same file i.e in node01.cfg
#  cd /etc/naemon/conf.d
#  vi /etc/naemon/conf.d/node01.cfg
define host{
use linux-server
host_name node01
alias node01
address 10.0.0.55
}
define service{
use generic-service
host_name node01
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}
define service{
use generic-service
host_name node01
service_description Current Load
check_command check_nrpe!check_load
}
define service{
use generic-service
host_name node01
service_description Total Processes
check_command check_nrpe!check_users
}
Edit the commands.cfg file so that nrpe can run the command in node01 to fetch the data.
# vi /etc/naemon/conf.d/commands.cfg
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
Restart naemon and apache
# systemctl restart naemon
# systemctl restart httpd
Make sure that NRPE plugin from naemon server can talk to nrpe daemon in remote host/client machine.
# /usr/lib64/naemon/plugins/check_nrpe -H 10.0.0.38
NRPE v2.15
Refresh the browser and click "Host" from left sidebar in thruk webUI, you will be able to find the remote host (node01) under "Host Status Details For All Host Groups"
Host list under host group in thruk
Click the host name "node01", the details of host state information for node01 will be displayed to you.
Host state information

Conclusion

Naemon is a fork of the Nagios project and its plugin interface is 100% nagios compatible. Naemon core is based on nagios 4 core but with several bug fixes and performance enhancement. So you can easily switch to naemon with several improvements over nagios 4. In this tutorial we have added a single remote host for monitoring but you can now proceed with adding more functionality to it like notification, reporting, performance data etc. as described in naemon user-guide.

Comments

Post a Comment

Popular posts from this blog

How to Set Up IP and Port-Based Virtual Hosting (Vhosts) With Apache Web Server on CentOS 7

Image
How to Set Up IP and Port-Based Virtual Hosting (Vhosts) With Apache Web Server on CentOS 7 Table of Contents Introduction Requirements Set up multiple IP addresses on a single network interface Set up multiple instances of Apache Create the directory structure Create test web pages for each virtual host Set up ownership and permissions Create virtual host files Allow Apache through the firewall Test the virtual hosts Introduction Virtual hosting is a method for hosting multiple websites on a single machine. There are two types of virtual hosting:  Name-based virtual hosting  and  IP-based virtual hosting . IP-based virtual hosting is a technique to apply different directives based on the IP address and port a request is received on. You can assign a separate IP for each website on a single server using IP-based virtual hosting. This is mainly used to host different websites on different ports or IP addresses. In this article we will be creating: ...
Read more

Configure a Postfix Relay through Gmail on CentOS 7

Configure a Postfix Relay through Gmail on CentOS 7 Table of Contents Introduction Requirements Install Packages Configure Postfix Configure Postfix SASL Credentials Test the Relay Troubleshoot Delivery Issues Introduction Postfix is a flexible mail server that is available on most Linux distribution. Though a full feature mail server, Postfix can also be used as a simple relay host to another mail server, or smart host. This tutorial will describe how to configure Postfix as a relay through Gmail. Simple Authentication and Security Layer (SASL) is a standard authentication framework supported by many services including Postfix. Requirements CentOS 7 or Red Hat Enterprise Linux 7 Valid Gmail or Google App credentials Install Packages Make sure Postfix, the SASL authentication framework, and  mailx  are all installed. yum -y install postfix cyrus-sasl-plain mailx Postfix will need to be restarted before the SASL framework will be detected. sys...
Read more

Gateway to Gateway - Intro to Configure IPsec VPN (Gateway-to-Gateway ) using Strongswan

Image
Intro to Configure IPsec VPN (Gateway-to-Gateway ) using Strongswan Strongswan supports Gateway-to-Gateway (site-to-site) and Road warrior  types of VPN. In first type, network traffic is encrypted/decrypted on the gateway (entrance/exit) of an organization. However in Road warrior case, traffic encrypted from the end client (machine) to remote end gateway. In this article, we will explain creation of  tunnel between two sites of an organization to secure the communication. Strongswan based VPN server/gateway placement is shown in the following figure. We want to secure communication between 10.1.0.0/16 and 11.1.0.0/16 networks of organization. As shown in the above figure, we are interested to secure the communication from A to B and vice versa. It is important to make sure the routing of Strongswan based VPN Gateways in the organization network. We assume that machine from  office A can ping a machine in the network of B office . This will ensure th...
Read more