CustoSec:Check NRPE

From CustosecWiki
Jump to navigation Jump to search
caption
Basic Information on Check
Name of Check Remote Client Technical Name check_nrpe
Available in Standard Number of Arguments 6
From Version ARANSEC 2.42 Compability All ARANSEC and CustoSec



Scope of Check

This check allows to remotely execute monitoring plugins on other Linux/Unix or Windows machines and can be used to monitor remote machine metrics like disc usage, CPU load, memory etc. It can also communicate with some third party Windows agents like NSClient++, so to execute scripts and check metrics on remote Windows machines as well.

This check is based on the NAGIOS Remote PlugIn Executor (NRPE).

Use Cases

There are some specific use cases, when this check is needed:

  • The check does not use the SNMP protocol. Whenever a remote system has to be monitored without the use of SNMP (Simple Network Management Protocol)
  • SNMP implementation on the remote machine is not working correctly (i.e. hard disk usage on hard discs bigger than 1 terrabyte on Windows machines)
  • Metrics of the local machine can not be retrieved from outside (like a hard disks S.M.A.R.T. Values) because they are not exposed to external systems

Requirements

The check requires a plugin running on the remote host, that is to be monitored. There are 2 standard plugins (daemons) available.

  • NRPE for Linux/Unix Hosts
  • NSClient++ for Windows Hosts

Both have to be configured to associate a specific plugin command with the command option (argument) specified.

Arguments

Argument No. Argument Name Allowed Arguments Explanation Examples
Arg1 SSL yes,
no
Wether to use SSL or not.
Please note: For monitoring a remote Windows Host with NSClient++ do not use SSL
no
Arg2 Unknown yes,
no
Determines how to report on a socket timeout. If set to "no" a socket timeout will be reported as "Critical", if set to "yes", it will be reported as "UNKNOWN". no
Arg3 Port Integer The Port Number on which the remote agent is running. Default is 5666 (for NSClient++) 5666
Arg4 Timeout Integer Number of seconds before the connection times out (see Argument 2). Default is 10 10
Arg5 Command String The name of the commant that the remote agent should run check_cpu
Arg6 Check Arguments String Optional arguments that should be used by the command. Multiple arguments are separated by a space

Examples

Example Description Output
!no!no!5666!10!check_cpu! This is an example used to monitor cpu load on a windows host (using NSClient++) Status: OK
Output: OK: CPU load is ok.|total 5m=0%;80;90 total 1m=0%;80;90 total 5s=0%;80;90