Nagios / NRPE

##Install NRPE and Plugins make sure you have access to EPEL if RHEL/CentOS

sudo yum install nrpe nagios-plugins-all
sudo apt-get install nagios-nrpe-server nagios-plugins

##Then vi /etc/nagios/nrpe.cfg to point to our server:

allowed_hosts=172.16.4.0/24

##I had to comment out the server address

#server_address=127.0.0.1

##Make sure our commands look like this to begin with

command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_root]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/mapper/vg_mul4-lv_root
command[check_boot]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/sda1
command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 220 -c 320
command[check_swap]=/usr/lib64/nagios/plugins/check_swap -w 20 -c 10
command[check_ntp_time]=/usr/lib64/nagios/plugins/check_ntp_time -H 0.centos.pool.ntp.org -w 0.5 -c 1

##Check your config

sudo nagios -v /etc/nagios/nagios.cfg

##Open Firewall

sudo firewall-cmd --zone=public --add-port=5666/tcp --permanent

##Restart Firewall

sudo systemctl restart firewalld.service

## Set SELinux

sudo /sbin/restorecon -v /etc/nagios/nrpe.cfg

##Start the service and enable it

sudo systemctl start nrpe
sudo systemctl enable nrpe

 

## For Custom Command ##

 

##Copy the below to /usr/lib64/nagios/plugins/check_mcafee:

#!/bin/bash
#Get to the right directory
#Set a couple variables
REPO=$(curl -ls http://vscl-repo.aac.va.gov/vscl/ | grep zip | cut -d"-" -f2 | cut -d"." -f1)
SYSTEM=$(/usr/local/bin/uvscan --VERSION | grep Dat | cut -d":" -f2 | cut -d" " -f2)

#Find the difference
MATH=$(($REPO-$SYSTEM))

case $MATH in
[0])
echo "OK - $REPO Mcafee is Current."
exit 0
;;
[1-4])
echo "WARNING - Mcafee is $MATH version behind. Current Installed Version $SYSTEM. $REPO Avaliable"
exit 1
;;
[5-9]|1[0-9])
echo "CRITICAL - Mcafee is $MATH versions behind. Current Installed Version $SYSTEM. $REPO Avaliable"
exit 2
;;
*)
echo "UNKNOWN - Mcafee is $MATH versions behind. Current Installed Version $SYSTEM."
exit 3
;;
esac

##Make root the owner

chown root.root /usr/lib64/nagios/plugins/check_mcafee

##Make it executable

chmod 755 /usr/lib64/nagios/plugins/check_mcafee

##in host /etc/nagios/nrpe.cfg add to the command section:

command[check_mcafee]=/usr/lib64/nagios/plugins/check_mcafee

##test by running

/usr/lib64/nagios/plugins/check_mcafee
OK - 7730 Mcafee is Current.

##set up nagios to receive

##Define new command in /etc/nagios/objects/commands.cfg

define command{
        command_name    check_mcafee
        command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -c check_mcafee
        }

##To change an individual service check interval add the ‘normal_check_interval’ and ‘notification_interval’ to the service.cfg file. The interval is in minutes, in the below example it is 720 which is 12 hours.

##In the service.cfg file:

#check McAfee##

define service {
        use                         generic-service
        host_name                   vaauslbe126
        service_description         Check McAfee Anti Virus
        check_command               check_nrpe!check_mcafee
        normal_check_interval       720
        notification_interval       720
        }

#