What's wrong with my NSCA setup?


#1

can anyone let me know if i’ve left anything out or done anything wrong here with my NSCA and SEND_NSCA setup?

i am running under inetd:

i added the following to /etc/services:

nsca 5667/tcp #NSCA

/etc/inetd.conf

nsca stream tcp nowait nagios /usr/local/nagios/bin/nsca -c /usr/local/nagios/etc/nagios.cfg --inetd

restart: inet restart

in the NSCA.CFG file i added the client’s IP address i will be using to the allowed host addresses.

on the client machine i am using the send_nsca win32 port. i run the client program as follows:

send_nsca -H -c send_nsca.cfg

i run this just to see if i can get a connection and i get the following:

error: server closed connection before init packet was received
error: could not read init packet from server

now i’ve been digging around, and i am pretty sure there is some setting configuation file i missed somewhere. do i need to actually define the service checks for the client to connect? i have not actually created any service/host checks for the passive checks yet. i’m just trying to get it to get a connection and do the bare minimums to accomplish this.

i am pretty sure i’m having problems because of some setting/config file.

any insight would be appreciated!

mike


#2

pick a thread and stay in that one thread. This is the 3rd that I’ve seen about the same issue, and won’t reply till you decide which one you are going to use.
Bye!


#3

ok i pick this one! :slight_smile:

but actually, i think i have a more serious problem. what version does send_nsca work with? i thought i read somewhere only nagios 2.0 and above? which naggios version shoudl i install to ensure the the most stability with using send_nsca?

btw, is there a command switch i can use to check the version of nagios i’m running?


#4

nagios > 2.0 is still in beta, so the most stable would be < 2.0.
Send nsca should work with both, so that is not an issue.

Run /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg to see the version.

I don’t really know what to say that the readme doesn’t have.


#5

[quote=“mdroz8”]…
i am running under inetd:
i added the following to /etc/services:
nsca 5667/tcp #NSCA
/etc/inetd.conf
nsca stream tcp nowait nagios /usr/local/nagios/bin/nsca -c /usr/local/nagios/etc/nagios.cfg --inetd
restart: inet restart
[/quote]

  1. Which machine did you do the above on? Remote or nagios server?
  2. ARe you sure you don’t run xinetd? If so, then are you sure you dont use tcpwrappers? If not, then find out because the line you put in /etc/inetd.conf
    is not correct if using tcp_wrapppers. See the docs for correct line.

[quote=“mdroz8”]…
in the NSCA.CFG file i added the client’s IP address i will be using to the allowed host addresses.
[/quote]

There is nothing in NSCA.CFG where you add the clients IP addy. Look again. What exactly are you refferring to?

[quote=“mdroz8”]…
on the client machine i am using the send_nsca win32 port. i run the client program as follows:
send_nsca -H -c send_nsca.cfg
[/quote]

I don’t think you can test like that. I’ll get back to you in a bit.


#6

nagios.sourceforge.net/docs/1_0/distributed.html
Read it, understand it.
To submit a check and test try this.
/usr/local/nagios/libexec/eventhandlers/submit_check_result $HOSTNAME$ ‘$SERVICEDESC$’ $SERVICESTATE$ ‘$OUTPUT$’

replace the above with appropriate values. Example:
Replace $HOSTNAME$ with somerealhostnameinnagioshost.cfg file
In my case I can test like this from my remote machine:
/export/home/nagios/libexec/eventhandlers/submit_check_result somehostname ‘fping’ WARNING 'test’
1 data packet(s) sent to host successfully.

Where somehostname is a hostname defined in hosts.cfg on the nagios machine and that host has a service check named fping for a description.

Edited Thu Jan 12 2006, 11:24PM ]


#7
  1. Which machine did you do the above on? Remote or nagios server?

the server. we only have ONE nagios server running. other machines are simply running an external app that talks to SEND_NSCA.

so i’m not using a truly distributed system as they describe in the docs.

  1. ARe you sure you don’t run xinetd? If so, then are you sure you dont use tcpwrappers? If not, then find out because the line you put in /etc/inetd.conf
    is not correct if using tcp_wrapppers. See the docs for correct line.

actually, no i’m not sure. i’m not an expert in linux, and could not figure out how to find out if i was using tcp_wrappers or not. but i don’t have the xinetd files, and i do have the inetd files, so i assumed i was using inetd. and to restart nagios, i go to inetd folder.

[quote=“mdroz8”]…
in the NSCA.CFG file i added the client’s IP address i will be using to the allowed host addresses.
[/quote]

There is nothing in NSCA.CFG where you add the clients IP addy. Look again. What exactly are you refferring to?

hmm… i just looked at it. it’s called the ALLOWED HOSTS section of the NSCA.CFG.

[quote=“mdroz8”]…
on the client machine i am using the send_nsca win32 port. i run the client program as follows:
send_nsca -H -c send_nsca.cfg
[/quote]

I don’t think you can test like that. I’ll get back to you in a bit.
[/quote]

how is this possible? i looked at a sample script right in the docs for a distributed setup, and a script that runs on the remote nagios server actually called it something lke this:

echo -e “host\tservice\tcode\tmsg\n” | send_nsca -c /etc/…send_nsca.cfg

don’t know how this should not be the way to test it?


#8

first of all, please understand i have COMBED through the documentation. in fact, i think i’m VERY knowdlegeable on how nagios now! i would much rather find the answer myself! :slight_smile:

[quote=“jakkedup”]http://nagios.sourceforge.net/docs/1_0/distributed.html
Read it, understand it.
To submit a check and test try this.
/usr/local/nagios/libexec/eventhandlers/submit_check_result $HOSTNAME$ ‘$SERVICEDESC$’ $SERVICESTATE$ ‘$OUTPUT$’

replace the above with appropriate values. Example:
Replace $HOSTNAME$ with somerealhostnameinnagioshost.cfg file
In my case I can test like this from my remote machine:
/export/home/nagios/libexec/eventhandlers/submit_check_result somehostname ‘fping’ WARNING 'test’
1 data packet(s) sent to host successfully.

hmm… what will this test prove? doesn’t help with the nsca problem, does it?

Where somehostname is a hostname defined in hosts.cfg on the nagios machine and that host has a service check named fping for a description.

[/quote]


#9

This from the README file with nsca:
"NOTE: If you run nsca under inetd or xinetd, the server_port
and allowed_hosts variables in the nrpe configuration file are
ignored."
So, your entry in nsca.cfg allowed_hosts=xxxx does not have any affect.
I’m guessing that you are running tcp_wrappers and that is why you can’t connect.
My old version of nsca does not have that option in it, that’s why I didn’t see it, until I downloaded this newer version just now.


#10

rpm -q tcp_wrappers


#11

[quote=“jakkedup”]This from the README file with nsca:
“NOTE: If you run nsca under inetd or xinetd, the server_port
and allowed_hosts variables in the nrpe configuration file are
ignored.”

i remember reading that. i set those because i tried to run NSCA in DAEMON mode.

So, your entry in nsca.cfg allowed_hosts=xxxx does not have any affect.
I’m guessing that you are running tcp_wrappers and that is why you can’t connect.
My old version of nsca does not have that option in it, that’s why I didn’t see it, until I downloaded this newer version just now.
[/quote]

in the docs it actually tells you how to config with or without tcwrappers. since i wasn’t sure if i was using it, i tried both configs! both give same results!

there is another nagios (latest version) that is being set up now. when that’s done i’m gonna give it a whirl on that box and just hope it magically works!!! cuz i think i’ve exhausted every option now. the only thing i can think of is that the latest version of nsca (2.4) only works with nagios 2.x and above.


#12

i have an idea. i’m runnign nagios 1.2. maybe i can try a older version of nsca_send. what version are you using? which one should i try?

in the docs it actually tells you how to config with or without tcwrappers. since i wasn’t sure if i was using it, i tried both configs! both give same results!

there is another nagios (latest version) that is being set up now. when that’s done i’m gonna give it a whirl on that box and just hope it magically works!!! cuz i think i’ve exhausted every option now. the only thing i can think of is that the latest version of nsca (2.4) only works with nagios 2.x and above.
[/quote]


#13

Version: 2.4
Last Modified: 07-23-2003
I don’t think that’s the problem.
First off, you haven’t even told me what command you are triing to run.
I’ve given you the exact command line that I use on the remote box, so now you try it and show me that you are using the SAME service description in your command line and that in fact, you have that service description/and host configured on your nagios box. Do that by showing us the services.cfg and hosts.cfg entry on your nagios box. Please don’t assume, show us. Show us that your syntax is identical, show us that you in fact have the libexec/evenhandlers/submit_check_result file and what that file looks like. Etc… You just aren’t giving enough details as to what you are doing.


#14

send_nsca -H -c send_nsca.cfg
I still don’t think that is enough to make a connection, although, I don’t use the windoz client. But it doesn’t even look close to what I use for a test.
i.e.
/usr/local/nagios/libexec/eventhandlers/submit_check_result $HOSTNAME$ ‘$SERVICEDESC$’ $SERVICESTATE$ '$OUTPUT$'
My submit_check_result file is:

#!/bin/sh

    # Arguments:
    #  $1 = host_name (Short name of host that the service is
    #       associated with)
    #  $2 = svc_description (Description of the service)
    #  $3 = state_string (A string representing the status of
    #       the given service - "OK", "WARNING", "CRITICAL"
    #       or "UNKNOWN")
    #  $4 = plugin_output (A text string that should be used
    #       as the plugin output for the service checks)
    #

    # Convert the state string to the corresponding return code
    return_code=-1

    case "$3" in
        OK)
                    return_code=0
                ;;
            WARNING)
                return_code=1
                    ;;
            CRITICAL)
                return_code=2
                    ;;
            UNKNOWN)
                return_code=-1
                    ;;
    esac

    # pipe the service check info into the send_nsca program, which
    # in turn transmits the data to the nsca daemon on the central
    # monitoring server

    /bin/echo "$1\\t$2\\t$return_code\\t$4\\n" | /export/home/nagios/bin/send_nsca nagios_server_ip -c /export/home/nagios/etc/send_nsca.cfg

Edited Fri Jan 13 2006, 04:09AM ]


#15

Try this from the remote then:
/bin/echo " validhostname validsvc_description WARNING test" | /export/home/nagios/bin/send_nsca nagios_server_ip -c /export/home/nagios/etc/send_nsca.cfg


#16

this is exactly what i have been trying since day one! :slight_smile:

on remote i say:

echo -e “validhost\tvalidserv\tblah\t blah” | send_nsca -c config file

that’s what you just said below. with your above message, you are assuming i am running a distributed setup, where ANOTHER nagios is running on a remote machine just passively passing back results. i only have one nagios server, and all i have on the remote machine is a single send_nsca client trying to report results back to nagios. this is all i shoudl need and all the documentation says i need to enter passive checks to nagios server.

can you do me a favor and tell me what exaclty happens when you do the below command you suggested me to do? cuz it dooesn’t do anything for me but error. i know i have the service and host correct because i can see them on my nagios home page.

if you go to a remote host with nothign but send_nsca installed, and type in the below command, a passive check shoudl be written to the nagos server command file.

[quote=“jakkedup”]Try this from the remote then:
/bin/echo " validhostname validsvc_description WARNING test" | /export/home/nagios/bin/send_nsca nagios_server_ip -c /export/home/nagios/etc/send_nsca.cfg[/quote]


#17

Please don’t take me litterally when I say to use /export/home/nagios/bin/send_nsca for example. All I’m saying is to use my examples as examples. Change the path’s to fit your setup.

you say you do this " echo -e “validhosttvalidservtblaht blah” | send_nsca -c config fil" but are those paths correct?
is sent_nsca actually in the folder that you are in at that time? Where as in my example, I spelled out the exact path, so I (not you) can run it from any directory that I may be in at that time.


#18

please give me some credit. :slight_smile: of course i use the correct paths and not yours. of course send_nsca is in the folder at the time, how else would it run? i may be a newbie to linux and nagios, but i certainly woudln’t make those kinds of mistakes.

[quote=“jakkedup”]Please don’t take me litterally when I say to use /export/home/nagios/bin/send_nsca for example. All I’m saying is to use my examples as examples. Change the path’s to fit your setup.

you say you do this " echo -e “validhosttvalidservtblaht blah” | send_nsca -c config fil" but are those paths correct?
is sent_nsca actually in the folder that you are in at that time? Where as in my example, I spelled out the exact path, so I (not you) can run it from any directory that I may be in at that time.
[/quote]


#19

password= must match on both ends.
encryption_method= must match and I suggest you start with 1 or 0.
If we knew what the error message you got was, it might actually help a little. Perhaps, echo… command not found… or whatever.
You may have SElinux enabled on the nagios server which is very command and blocks the incoming connection. About 80% of troubles on this forum are selinux.


#20

[quote=“jakkedup”]password= must match on both ends.
encryption_method= must match and I suggest you start with 1 or 0.
If we knew what the error message you got was, it might actually help a little. Perhaps, echo… command not found… or whatever.
You may have SElinux enabled on the nagios server which is very command and blocks the incoming connection. About 80% of troubles on this forum are selinux.[/quote]

Edited Sun Jan 15 2006, 05:25AM ]