nagios 报警
nagios --> plugins ( 插件 ) --> (host ,service)( 主机,服务 ) --> 返回值( 0--成功,1--警告,2--紧急 ,3--不知道 )--> web
**********************************************************************************************************************************
nagios 报警
**********************************************************************************************************************************
* 1.基本安装
(1)下载包 lftp i
get nagios-4.0.7.tar.gz
nagios-plugins-2.0.3.tar.gz
gd-devel-2.0.35-11.el6.x86_64.rpm
解压 tar zfx nagios-4.0.7.tanagios r.gz
(2)添加用户 useradd -u 2000 -s /sbin/nologin -M nagios
(3)安装gd ( 若Map没有出现安装此包 )
yum localinstall gd-devel-2.0.35-11.el6.x86_64.rpm -y
(4)安装nagios cd nagios-4.0.7
./configure
make all
make install
make install-init
make install-commandmode
make install-config
make install-webconf
make install-exfoliation
make install-classicui
(5)安装nagios-plugins( 当/usr/local/nagios/libexec/里没有文件,安装此nagios-plugins包)
解压 tar zfx nagios-plugins-2.0.3.tar.gz
安装 cd nagios-plugins-2.0.3
./configure
./configure --enable-perl-modules --enable-libtap
make
make install
改权限 chown -R nagios.nagios /usr/local/nagios/*
用户 htpasswd -cm /usr/local/nagios/etc/htpasswd.users nagiosadmin
密码 westos(2)
(5)检测 /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Total Warnings: 0 ( 出现两个0就好了 )
Total Errors: 0
(6)启动服务 /etc/init.d/nagios start
/etc/init.d/httpd restart
(7)http访问 192.168.2.74/nagios/
(8)当安装问成后,如果还需有添加功能如下操作,以gd为例
下载 yum localinstall gd-devel-2.0.35-11.el6.x86_64.rpm -y
cd nagios-4.0.7
清除 make clean
./configure
安装 make all
make install
查看 ll /usr/local/nagios/sbin/statusmap.cgi
重启 /etc/init.d/nagios reload
访问 192.168.2.74/nagios/
~~~~~~~~~
* 2.添加功能 添加服务组 添加mysql监控 监控远程主机
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@1.添加服务组
(1)http出现警告( Services里 )
vim /var/www/html/index.html
server74.example.com ( 随意 )
(2)主机和服务分开管理
复制 cp /usr/local/nagios/etc/objects/localhost.cfg /usr/local/nagios/etc/objects/hosts.cfg
cp /usr/local/nagios/etc/objects/localhost.cfg /usr/local/nagios/etc/objects/services.cfg
主配置 vim /usr/local/nagios/etc/nagios.cfg
#cfg_file=/usr/local/nagios/etc/objects/localhost.cfg (35)
cfg_file=/usr/local/nagios/etc/objects/hosts.cfg
cfg_file=/usr/local/nagios/etc/objects/services.cfg
分别删除不需要的信息( hosts里删除services信息,services里删除hosts信息 )
vim /usr/local/nagios/etc/objects/hosts.cfg
vim /usr/local/nagios/etc/objects/services.cfg
(3)添加服务组
vim /usr/local/nagios/etc/objects/services.cfg
define servicegroup{
servicegroup_name 系统状态 ; The name of the hostgroup
alias 本机负载 ; Long name of the group
members localhost,PING,localhost,Root Partition,localhost,Total Processes,localhost,Current Load
}
(4)修改本机名称方法
vim /usr/local/nagios/etc/objects/hosts.cfg
host_name server74.example.com (16)
members server74.example.com (44)
vim /usr/local/nagios/etc/objects/services.cfg
:%s/localhost/server74.example.com/g ***
监控远程主机:
check_nrpe < --- ssl --- > NRPE( tcp 5666 )--> libexec/*.sh( 脚本 )--监控主机的信息
利用脚本通过ssl连接要监控的主机,再通过NRPE调用libexec下的脚本去捕获监控主机的监控信息
远程监控主机的服务:mysql
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@2.添加远程监控主机的服务:mysql
远程监控主机的服务,此处以mysql为例
*1.本地(不需要以下的第一步)
cd /usr/local/nagios/libexec/ ( 此文件存储命令,在commands.cfg里没有时可以在此执行调用 )
./check_mysql -ucacti -pwestos ( 存在一个用户可登录即可,此处用cacti用户测试 -u指定用户 -p设置密码 ,)
运行结果:( 出现以下信息,代表检测成功 )
Uptime: 8522 Threads: 1 Questions: 88973 Slow queries: 0 Opens: 84 Flush tables: 2 Open tables:
43 Queries per second avg: 10.440|Connections=175c;;; Open_files=53;;; Open_tables=43;;; Qcache_free_memory=0;;;
Qcache_hits=0c;;; Qcache_inserts=0c;;; Qcache_lowmem_prunes=0c;;; Qcache_not_cached=0c;;; Qcache_queries_in_cache=0;;;
Queries=88973c;;; Questions=88973c;;; Table_locks_waited=0c;;; Threads_connected=1;;; Threads_running=1;;; Uptime=8522c;;;
*2.监控远程主机的mysql
(1)远程主机配置
1. yum install -y mysql-server ( 安装mysql服务,要远程监控主机的mysql,监控主机当然需要有mysql啦,rhel7要安装mariadb )
2. /etc/init.d/mysqld start ( 开启mysql服务,监控远程主机的服务,需要远程主机的服务处于开启的状态 )
3. mysql_secure_installation ( 安全校验,为了安全需要给予mysql一个密码 )
4. mysql -pwestos ( 登录mysql,做以下操作 )
create database nagdb; ( 创建一个数据库,也可不创建而用里面的test数据库 )
grant select on nagdb.* to nagios@'192.168.2.74'; ( 授权,给74主机的nagios用户授予远程主机的nagdb数据库的选择权限 )
5. /etc/init.d/mysqld restart ( 完成以上操作,重启mysql服务 )
(2)本地配置
1.检测:
cd /usr/local/nagios/libexec/
./check_mysql -unagios -d nagdb -H 192.168.2.149 ( -u指定本地的nagios用户 -d指定远程主机的数据库 -H指定远程主机的ip )
( 上面的命令是为了测试是否可以连接远程主机获取远程主机服务信息,如有下信息则代表成功 )
运行结果:
Uptime: 2880 Threads: 1 Questions: 19 Slow queries: 0 Opens: 0 Flush tables: 2 Open tables:
26 Queries per second avg: 0.006|Connections=11c;;; Open_files=21;;; Open_tables=26;;; Qcache_free_memory=0;;;
Qcache_hits=0c;;; Qcache_inserts=0c;;; Qcache_lowmem_prunes=0c;;; Qcache_not_cached=0c;;;
Qcache_queries_in_cache=0;;; Queries=19c;;; Questions=19c;;; Table_locks_waited=0c;;; Threads_connected=1;;;
Threads_running=1;;; Uptime=2880c;;;
2.配置( 过程: services.cfg --> hosts.cfg --> commands.cfg )
1.vim /usr/local/nagios/etc/objects/hosts.cfg ( 主机配置文件 )
( 此模块是本地主机的信息,是原来配置的,只需要修改一行 )
define host{
use linux-server
host_name server74.example.com
alias Manager
parents server49.example.com *** ( 此处填写要远程控制的主机的主机名,别名不识别 )
address 192.168.2.74
icon_image server.gif
statusmap_image server.gd2
2d_coords 500,200
3d_coords 500,200,100
}
( 此模块是远程主机的信息,复制上面的模块进行修改的即可 )
define host{
use linux-server
host_name server49.example.com ( 远程主机的主机名 )
alias mysql主机 ( 远程主机的别名 )
address 192.168.2.149 ( 远程主机的ip )
icon_image server.gif
statusmap_image server.gd2
2d_coords 500,200
3d_coords 500,200,100
}
2.vim /usr/local/nagios/etc/objects/commands.cfg ( 命令配置文件 )
#'check_mysql' command definition ( 此行仅为注释 )
( 此模块是check_mysql,复制一个模块进行修改即可 )
define command{
command_name check_mysql ( 命令的名称,可以修改 )
command_line $USER1$/check_mysql -H $HOSTADDRESS$ -u $ARG1$ -d $ARG2$
( $USER1$:代表/usr/local/nagios/libexec路径 -H:指定要监控的主机地址 -u:指定本地的nagios用户 -d:指定远程主机的数据库 -p:指定数据库密码)
}
3.vim /usr/local/nagios/etc/objects/services.cfg ( 服务配置文件 )
( 此模块是远程主机的服务,复制一个模块进行修改即可 )
define service{
use local-service
host_name server49.example.com ( 监控远程主机的主机名 )
service_description MYSQL ( 监控远程主机的服务 )
check_command check_mysql!nagios!nagdb ( 监控远程主机的服务用的命令 )
}
(6)检测语法 /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg ( 0 0)
重启服务 /etc/init.d/nagios reload
/etc/init.d/httpd restart
访问 192.168.2.74/nagios/
* mysql启动报错时
重启时 /etc/init.d/mysqld restart
Stopping mysqld: [ OK ]
Another MySQL daemon already running with the same unix socket.
Starting mysqld: [FAILED]
删除文件 rm -fr /var/lib/mysql/mysql.sock
重启mysql /etc/init.d/mysqld restart
Stopping mysqld: [ OK ]
Starting mysqld: [ OK ]
*httpd有警告
vim /var/www/html/index.html ( 写一个测试页面即可 )
*ssh有一个喇叭(打着叉叉)表示禁用:当需要网络页面开启时:
usermod -G nagios apache ( 把apache加入nagios用户组中,apache就有了权限了 )
systemctl restart nagios
*监控页面出现云时处理方法 ( 出现云是因为服务频繁出故障 )
修改权限 usermod -G nagios apache
重启nagios /etc/init.d/nagios reload
重启http /etc/init.d/httpd restart
远程监控主机的信息
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@3.添加监控远程主机信息
* 1.远程主机配置
(1)下载包 lftp 192.168.2.251
get nagios-plugins-2.0.3.tar.gz( 插件,先安装插件 )
get nrpe-2.15.tar.gz ( 在本地主机上没有监控远程主机需要的命令时安装nrpe,而nagios-plugins是一个插件 )
(2)建立用户 useradd -u 2000 -s /sbin/nologin -M nagios ( -u:指定uid,用户的id -s:指定用户的shell,此处是不等录 -M:不创建家目录 最后是用户名 )
(3)安装所需服务
yum install gcc make openssl-devel xinetd -y
( gcc和make是编译时需要用到的,连接远程主机是用ssl的,xinetd是守护进程 )
(4)安装插件 tar zfx nagios-plugins-2.0.3.tar.gz
cd nagios-plugins-2.0.3
./configure
make && make install
(5)安装nrpe
解压 tar zfx nrpe-2.15.tar.gz
安装 cd nrpe-2.15
./configure
make all
mkae install-plugin ( plugin插件 )
make install-daemon ( Daemon程序,又称为守护进程,通常在系统后台长时间运行,由于没有控制终端而无法与前台交互,Daemon程序一般作为系统服务使用。)
make install-daemon-config ( Daemon程序的配置 )
make install-xinetd ( xinetd后台进程 )
配置 vim /etc/xinetd.d/nrpe ( xinetd是后台守护进程,nrpe是其中之一 )
only_from = 192.168.2.74 (15) ( 只允许此ip访问监控 )
vim /etc/services ( 系统所有的服务 )
nrpe 5666/tcp (23) ( 虽然nrpe的端口是5666,但是系统不识别,所以要在此添加 )
vim /usr/local/nagios/etc/nrpe.cfg ( 此文件里的check_* 就是crpe调用的命令 )
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p / (221)( 此处用的是绝对命令,直接调用即可,没有变量 )
( 需要监控什么信息,在此文件里定义即可,格式如上 )
权限 chown nagios.nagios /usr/local/nagios/* -R ( 修改nagios里的所有文件的用户和组为nagios )
(6)启服务 /etc/init.d/xinetd start ( 开启xinetd,nrpe就开启了,xinetd守护nrpe )
查看端口 netstat -antlp | grep 5666 ( 查看端口,有5666就带表成功了,nrpe开启了 )
* 2.本地服务机配置
(1)安装nrpe
下载 lftp i
get nrpe-2.15.tar.gz
解压 tar zfx nrpe-2.15.tar.gz
cd nrpe-2.15
安装 ./configure
make all
make install-plugin
(2)检测是否安装成功
查看( 安装完nrpe后会出现此目录 )
ll /usr/local/nagios/libexec/check_nrpe ( 监控远程主机的信息的命令 )
-rwxrwxr-x 1 nagios nagios 76769 Jul 18 22:25 /usr/local/nagios/libexec/check_nrpe
验证( 验证是否可以链接远程主机获得信息 )
cd /usr/local/nagios/libexec/
./check_nrpe -H 192.168.2.149
./check_nrpe -H 192.168.2.149 -c check_disk
结果:DISK OK - free space: / 5540 MB (80% inode=99%);| /=1317MB;5486;6172;0;6858
./check_nrpe -H 192.168.2.149 -c check_load
结果:OK - load average: 0.00, 0.01, 0.05|load1=0.000;15.000;30.000;0; load5=0.010;10.000;25.000;0; load15=0.050;5.000;20.000;0;
(3)配置命令和服务
命令 vim /usr/local/nagios/etc/objects/commands.cfg ( 命令配置文件 )
#'check_nrpe' command definition (220) ( 添加监控远程主机的信息的命令 )
define command{
command_name check_nrpe ( 监控远程主机的信息的命令的名称 )
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$ ( 监控远程主机的信息的命令的格式 )
}
服务 vim /usr/local/nagios/etc/objects/services.cfg ( 添加远程主机要检测的内容 )
#define server49 nrpe
( 监控远程主机的服务,以下的四个模块都是类似的,复制本地的模板进行修改即可 )
define service{
use local-service ( 使用服务模板名称,修改后会出错 )
host_name server49.example.com *** ( 监控的远程主机的主机名 )
service_description Root Partition ( 根分区 )
check_command check_nrpe!check_disk *** ( check_nrpe是commands.cfg定义的命令,check_disk )
(check_nrpe是/usr/local/nagios/etc/objects/commands.cfg定义的命令 ,check_disk是/usr/local/nagios/etc/nrpe.cfg定义的 )
}
define service{
use local-service
host_name server49.example.com ***
service_description Current Users ( 登录用户数 )
check_command check_nrpe!check_users ***
}
define service{
use local-service
host_name server49.example.com ***
service_description Total Processes ( 进程总数 )
check_command check_nrpe!check_total_procs ***
}
define service{
use local-service
host_name server49.example.com ***
service_description Current Load ( 系统负荷 )
check_command check_nrpe!check_load ***
}
(4)检测并重启 /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg ( 语法检测 )
/etc/init.d/nagios reload ( 修改了配置文件,重启时配置文件生效 )
192.168.2.74/nagios/ ( 访问页面,监控的主机信息添加了四项,现在的状态是未诀,过五分钟就好(变成绿色的) )
监控主机出现问题时发送邮件
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@3.监控主机出现问题时发送邮件
(1)邮箱 vim /usr/local/nagios/etc/objects/contacts.cfg
email 976807618@qq.com ( 35 )
( 在qq邮箱设置里的白名单添加nagios@server74.example.com 用户@主机名 )
( qq邮箱 --> 设置 --> 反垃圾 --> 设置邮件地址白名单--> nagios@server74.example.com )
(2)给予nagios用户登录权限
vim /etc/passwd
nagios:x:2000:2000::/usr/local/nagios:/bin/bash
(3)切换用户,测试发邮件
su - nagios
-bash-4.1$ mail 976807618@qq.com
mailq
(4)登录邮箱查看,收到邮箱则正常
(5)测试报警功能,停掉监控的任一个服务,看是否会收到邮件,以下以mysql为例。
/etc/init.d/mysqld stop ( server49 )
/etc/init.d/nagios reload ( server74 )
等待大概5分钟,192.168.2.74/nagios/页面监控的MYSQL会变成红色,并且收到mysql报警的邮件。
/etc/init.d/mysqld start ( server49 )
/etc/init.d/nagios reload ( server74 )
等待大概5分钟,192.168.2.74/nagios/页面监控的MYSQL会变成绿色,并且收到mysql恢复的邮件。
监控主机出现问题时发送飞信
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@3.监控主机出现问题时发送飞信
飞信 与nagios整合
* 1.安装飞信并测试 ( 在nagios用户下执行 )
(1)权限下发 vim /etc/sudoers.d/ ( 权限下方 )
nagios ALL=NOPASSWD:ALL
(2)切换用户 su - nagios ( 切换到nagios用户里 )
cd usr/local/nagios/libexec/
下载包 lftp i ( 下载飞信包 )
get fetion linuxso_20101113.tar.gz ( 下载飞信包所用到的库 )
解压 tar zfx /usr/local/nagios/libexec/linuxso_20101113.tar.gz -C /lib ( 解压飞信包所用到的库到系统库中,保证飞信的库和系统库不重复 )
(3)安装fetion
权限 chmod +x /usr/local/nagios/libexec/fetion ( 给予fetion执行权限 )
chown nagios.nagios /usr/local/nagios/libexec/fetion ( 修改fetion的用户和用户组为nagios )
/usr/local/nagios/libexec/fetion ( 根据提示安装所需的.so )
安装 sudo yum install -y /lib/ld-linux.so.2 libstdc++.so.6 libgssapi_krb5.so.2 libz.so.1
/usr/local/nagios/libexec/fetion ( 出现以下情况表示安装成功 )
************************ IMPORTANT STATEMENT ************************
** **
** PLEASE DON'T USE THIS SOFTWARE TO SEND JUNK SHORT MESSAGES. **
** OTHERWISE PLEASE BEAR YOUR OWN CONSEQUENCES. **
** **
** Version:[20101205002-linux] **
*********************************************************************
This program is the console version of China Fetion!
It's free for personal user.
This project website: http://www.it-adv.net/
AUTHOR:KelvinH MSN/EMAIL:shichangguo@msn.com
Usage:
--mobile=[mobile] 手机号
--sid=[sid] 飞信号
--pwd=[pwd] 飞信密码
--config=[config file] *format:index mobile password
--index=[index no in config file,refer to sample.conf]
--debug *debug mode on
--hide *login fetion in hidden state
--to=[mobile/sid] 收信人手机号或飞信号
--command-path=[command file path]
--robotmode
--daemon(linux only)
--proxy-ip(http proxy ip)
--proxy-port(http proxy port)
--msg-gb=[gb2312/gbk message]
--msg-utf8=[utf8 message] 飞信内容
--msg-type=[0/1/2 sms longsms smartmsg]
--file-gb=[gb2312/gbk file]
--file-utf8=[utf8 file]
--query-cmcc-no
--auto-retry
--exit-on-verifycode
--t3key=[http://www.tui3.com/page/smssend/]
(4)测试 /usr/local/nagios/libexec/fetion --mobile=15029986994 --pwd=wangjiaxing0425 --to=15029986994 --msg-utf8="hai"
scp /usr/local/nagios/libexec/15029986994.jpg 192.168.2.1:/root/Desktop/ ( 查看验证码 )
( 如果虚拟机是最小化安装,无图形界面时看不了图片,需要远程复制到物理机桌面 )
输入验证码 mxhy ( 仅第一次需要输入验证码,输入后出现以下信息即可发送成功 )
SIP-C/4.0 280 Send SMS OK
T: sip:780381999@fetion.com.cn;p=9200
I: 2
Q: 1 M
RQ: 49444554834
L: 112
XI: ae51f4469e4e4f628d580e7ca21fb298
(5)简化,写成脚本,方便
ll -d /usr/local/nagios/ ( 查看是否是属于nagios的,是否可以编辑文件 )
drwxr-xr-x 11 nagios nagios 4096 Jul 19 03:04 /usr/local/nagios/
( 如果用户和用户组都不是nagios,进行如下操作 )
chown nagios.nagios /usr/local/nagios/ -R
脚本 vim /usr/local/nagios/libexec/fetion.sh
/usr/local/nagios/libexec/fetion --mobile=15029986994 --pwd=wangjiaxing0425 --to="$1" --msg-utf8="$2"
权限 chmod +x /usr/local/nagios/libexec/fetion.sh
chown nagios.nagios /usr/local/nagios/libexec/fetion.sh
测试 /usr/local/nagios/libexec/fetion.sh 15029986994 "测试" ( 15029986994是发送的手机号 )
* 2.飞信与nagios整合,监控服务出现问题时会发出飞信( 在nagios用户下执行 )
(1)联系方式 vim /usr/local/nagios/etc/objects/contacts.cfg
pager 15029986994 (35)
(2)模板 vim /usr/local/nagios/etc/objects/templates.cfg
service_notification_commands notify-service-by-email,notify-service-by-fetion (33)
host_notification_commands notify-host-by-email,notify-host-by-fetion
(3)命令 vim /usr/local/nagios/etc/objects/commands.cfg
(以下内容空余复制文件上面的进行修改即可,留下最后“”里的内容删除**,前面添加$USER1$/fetion.sh $CONTACTPAGER$)
# 'notify-host-by-fetion' command definition
define command{
command_name notify-host-by-fetion
command_line $USER1$/fetion.sh $CONTACTPAGER$ "$NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$"
}
# 'notify-service-by-fetion' command definition
define command{
command_name notify-service-by-fetion
command_line $USER1$/fetion.sh $CONTACTPAGER$ "$NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$"
}
* 3.在root下执行
检测语法 /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg ( 0 0 )
重启服务 /etc/init.d/nagios reload
测试 /etc/init.d/mysqld stop ( server49 )
( 网页中mysql的 通知要启用,抖动要禁用 )
五分钟后会收到关于mysql报警的短信