nagios默认安装时主动监控的。少量的机器还是可以的,机器数量变多会增加监控服务器的负载量.
nagios还有一种监控方式,被动监控,这个需要安装插件nsca,同样是c/s结构的,c端负责收集,然后把信息发给s端进行处理,这样s端的压力相对就小一些了。
1.安装方式,yum安装
服务端:
526 yum search nsca
527 yum install nsca -y
528 yum remove nsca -y
529 yum search nsca
530 yum install nsca-client -y
分别安装了nsca和nsca-client
客户端:
1105 yum send_nsca
1106 yum search send_nsca
1110 yum search nsca
1111 yum install nsca-client
客户端发消息的是send_nsca
yum简单的安装完毕了
2.配置
nsca的服务端
[root@Git nagios]# ll
total 92
-rw-rw-r-- 1 root root 11658 Aug 31 06:28 cgi.cfg
drwxr-x--- 2 root nagios 4096 Aug 31 06:28 conf.d
-rw-rw-r-- 1 root root 44608 Dec 31 21:11 nagios.cfg
-rw-r--r-- 1 root root 7933 Dec 30 10:16 nrpe.cfg
-rw------- 1 root root 5426 Jan 1 16:42 nsca.cfg
drwxr-x--- 3 root nagios 4096 Jan 1 18:31 objects
-rw-r----- 1 root apache 27 Aug 31 06:28 passwd
drwxr-x--- 2 root nagios 4096 Dec 29 22:04 private
-rw------- 1 root root 1644 Jan 1 18:51 send_nsca.cfg
[root@Git nagios]# vim nsca.cfg
主要修改了以下几个地方
1.设置server ip
# SERVER ADDRESS
# Address that NSCA has to bind to in case there are
# more as one interface and we do not want NSCA to bind
# (thus listen) on all interfaces.
#server_address=192.168.1.1
server_address=192.168.74.142
2.打开debug模式
# DEBUGGING OPTION
# This option determines whether or not debugging
# messages are logged to the syslog facility.
# Values: 0 = debugging off, 1 = debugging on
debug=1
3.增加负载能力
# AGGREGATED WRITES OPTION
# This option determines whether or not the nsca daemon will
# aggregate writes to the external command file for client
# connections that contain multiple check results. If you
# are queueing service check results on remote hosts and
# sending them to the nsca daemon in bulk, you will probably
# want to enable bulk writes, as this will be a bit more
# efficient.
# Values: 0 = do not aggregate writes, 1 = aggregate writes
aggregate_writes=1
#aggregate_writes=0
4.设置数据包的生存期
# MAX PACKET AGE OPTION
# This option is used by the nsca daemon to determine when client
# data is too old to be valid. Keeping this value as small as
# possible is recommended, as it helps prevent the possibility of
# "replay" attacks. This value needs to be at least as long as
# the time it takes your clients to send their data to the server.
# Values are in seconds. The max packet age cannot exceed 15
# minutes (900 seconds). If this variable is set to zero (0), no
# packets will be rejected based on their age.
#max_packet_age=30
max_packet_age=60
5.设置密码
# DECRYPTION PASSWORD
# This is the password/passphrase that should be used to descrypt the
# incoming packets. Note that all clients must encrypt the packets
# they send using the same password!
# IMPORTANT: You don't want all the users on this system to be able
# to read the password you specify here, so make sure to set
# restrictive permissions on this config file!
#password=
password=123456
nsca客户端的配置
[root@Git nagios]# ll
total 92
-rw-rw-r-- 1 root root 11658 Aug 31 06:28 cgi.cfg
drwxr-x--- 2 root nagios 4096 Aug 31 06:28 conf.d
-rw-rw-r-- 1 root root 44608 Dec 31 21:11 nagios.cfg
-rw-r--r-- 1 root root 7933 Dec 30 10:16 nrpe.cfg
-rw------- 1 root root 5426 Jan 1 16:42 nsca.cfg
drwxr-x--- 3 root nagios 4096 Jan 1 18:31 objects
-rw-r----- 1 root apache 27 Aug 31 06:28 passwd
drwxr-x--- 2 root nagios 4096 Dec 29 22:04 private
-rw------- 1 root root 1644 Jan 1 18:51 send_nsca.cfg
[root@Git nagios]# vim send_nsca.cfg
1.修改密码
# ENCRYPTION PASSWORD
# This is the password/passphrase that should be used to encrypt the
# outgoing packets. Note that the nsca daemon must use the same
# password when decrypting the packet!
# IMPORTANT: You don't want all the users on this system to be able
# to read the password you specify here, so make sure to set
# restrictive permissions on this config file!
#password=
password=123456
修改监控模式:
[root@Git nagios]# vim objects/
commands.cfg contacts.cfg hosts/ printer.cfg switch.cfg templates.cfg timeperiods.cfg windows.cfg
[root@Git nagios]# vim objects/templates.cfg
# Generic service definition template - This is NOT a real service, just a template!
define service{
name generic-service ; The 'name' of this service template
active_checks_enabled 0 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems)
obsess_over_service 1 ; We should obsess over this service (if necessary)
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
failure_prediction_enabled 1 ; Failure prediction is enabled
按照后面的提示,修改active_checks_enabled和passive_checks_enabled的值,然后就可以设定主动还是被动的了。
这里是把全局的都改变了,全部都是被动的了,只是为了测试被动的效果,在实际使用中,不是这样的。
以上完毕,重启nagios,nrpe,nsca等
我设置的是5分钟更新一次状态。这时候你到监控页面去看,过5分钟后,页面的状态也不会发生变法,那是因为他根本不去轮询指令,并且客户端也不发送。测试命令
echo "Front1.Webserver;PING;0;testOK"|send_nsca -H 192.168.74.142 -d ";" -c /etc/nagios/send_nsca.cfg
命令的使用可以查看帮助文档,意思就是告诉nagios server(-H 192.168.74.142)的信息是Front1.Webserver;PING;0;testOK,分隔符是":"(-d ":"),然后服务端会处理这个接收信息,把信息展现在监控的页面。
到此,nagios的被动模式也完成了。
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
真正的被动模式,识别方式,在web管理界面上,主动的方式没有问号,被动的方式有一个黑色的问号
首先默认的模式下是主动的,
1.自定义一个命令
[root@Git objects]# ll
total 44
-rw-rw-r-- 1 root root 8101 Jan 1 21:37 commands.cfg
-rw-rw-r-- 1 root root 2275 Jan 1 13:04 contacts.cfg
drwxr-xr-x 2 root root 4096 Jan 1 21:39 hosts
-rw-rw-r-- 1 root root 3124 Aug 31 06:28 printer.cfg
-rw-rw-r-- 1 root root 3293 Aug 31 06:28 switch.cfg
-rw-rw-r-- 1 root root 11247 Jan 1 20:28 templates.cfg
-rw-rw-r-- 1 root root 3208 Aug 31 06:28 timeperiods.cfg
-rw-rw-r-- 1 root root 4019 Aug 31 06:28 windows.cfg
[root@Git objects]# vim commands.cfg
命令的内容是
define command{
command_name hello
command_line $USER1$/check_dummy $ARG1$
}
"commands.cfg" 258L, 8101C
可以看看check_demmy,nagios自带的,带一个参数,参数是数字,可以通过数字分辨出是什么类型。
2.增加一个新的服务
[root@Git objects]# cd hosts/
[root@Git hosts]# ll
total 20
-rw-r--r-- 1 root root 5212 Jan 1 00:34 front.cfg
-rw-r--r-- 1 root root 143 Dec 30 22:37 group.cfg
-rw-r--r-- 1 root root 5724 Jan 1 21:37 localhost.cfg
[root@Git hosts]# vim localhost.cfg
服务内容:
define service{
use local-service
host_name localhost
active_checks_enabled 0
passive_checks_enabled 1
service_description hello
check_command hello
notifications_enabled 1
}
"localhost.cfg" 166L, 5724C
服务的check_command是我们自定义的命令, 修改active_checks_enabled和passive_checks_enabled的值,然后就可以设定主动还是被动的了。
到此就搞定了。然后客户端发信息上面也说过了,写一个最最简单的吧
我在客户端上运行了一个crontab,内容是:
[root@Git plugins]# crontab -l
#*/1 * * * * cd /root/bash;sh netstat.sh
*/10 * * * * echo "localhost;hello;3;TEST unknow"|/usr/sbin/send_nsca -H 192.168.74.142 -d ';' -c /etc/nagios/send_nsca.cfg >>/tmp/hello 2>&1
[root@Git plugins]#
每隔一段时间,给对应的服务发送状态信息。