2012-09-02 00:42:08
原文地址:开源nagios监控部署 作者:yungho
在192.168.0.1做如下操作,配置nagios主机
配置编译环境:
yum install httpd gcc make gd-devel perl-ExtUtils-Embed.x86_64 -y
注意:gd-devel系统自带的软件包里没有
useradd nagios #运行nagios服务的用户
useradd -G nagios apache #使apache用户对nagios目录有写权限,以免web页面操作失败(若apache用户已在安装httpd时创建,useradd会报用户已存在,此时应改用 usermod -a -G nagios apache)
软件下载:
---->nagios服务软件安装
tar -jxf nagios-cn-3.2.3.tar.bz2
cd nagios-cn-3.2.3
./configure --enable-embedded-perl
make all
make install
make install-init
make install-commandmode
make install-config
make install-webconf
---->nagios插件安装
yum install mysql-devel openssl-devel -y
tar -zxf nagios-plugins-1.4.15.tar.gz
cd nagios-plugins-1.4.15
./configure --with-nagios-user=nagios --with-nagios-group=nagios \
--enable-extra-opts --enable-libtap --enable-perl-modules
make; make install
---->nagios文件配置
vim /usr/local/nagios/etc/nagios.cfg
....
# Definitions for monitoring the local (Linux) host
cfg_file=/usr/local/nagios/etc/objects/hosts.cfg # hosts.cfg文件存放主机与主机组定义
cfg_file=/usr/local/nagios/etc/objects/services.cfg # services.cfg文件存放服务与服务组定义
#cfg_file=/usr/local/nagios/etc/objects/localhost.cfg #注释localhost.cfg文件
注:彩色区域为编辑区,hosts.cfg 和 services.cfg 文件模板均来自同目录下的localhost.cfg,
可以通过cp localhost.cfg hosts.cfg 和cp localhost.cfg services.cfg的方式产生hosts.cfg 和
services.cfg文件,然后再通过修改这两个文件,使之成为目标文件。不建议通过vim直接
编辑文件,因为可能对格式有要求,会产生格式错误,而这往往是很隐蔽的错误。最好还是先拷贝,
再编辑,把文件中多余的部分删掉,或注释掉。
另外,本文配置行尾的 # 说明文字只是给读者看的注解,写入实际配置文件时建议去掉,以免被当作配置值的一部分。
---->此实验的目标文件hosts.cfg and services.cfg内容如下:
vim /usr/local/nagios/etc/objects/hosts.cfg
# Define a host for the local machine
define host{
use linux-server
host_name monitor
alias nagios server
address 127.0.0.1
icon_image web.gif
statusmap_image web.gd2
2d_coords 100,200
3d_coords 100,200,100
}
define hostgroup{ #主机组并不是必须的。仅是配合nagios的监控页面的显示
hostgroup_name linux-servers
alias Linux Servers
members *
}
vim /usr/local/nagios/etc/objects/services.cfg
define service{
use local-service
host_name *
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}
define service{
use local-service
host_name monitor
service_description 根分区
check_command check_local_disk!20%!10%!/
}
define service{
use local-service
host_name monitor
service_description 登录用户数
check_command check_local_users!20!50
}
define service{
use local-service
host_name monitor
service_description 进程总数
check_command check_local_procs!250!400!RSZDT
}
define service{
use local-service
host_name monitor
service_description 系统负荷
check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0
}
define service{
use local-service
host_name monitor
service_description 交换空间利用率
check_command check_local_swap!20!10
}
define servicegroup{ #服务组并不是必须的。仅是配合nagios的监控页面的显示
servicegroup_name 系统状况检查
alias 系统概况
members monitor,进程总数,monitor,登录用户数,monitor,根分区,monitor,交换空间利用率
}
---->检测nagios配置文件的正确性
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
---->nagios监控页面访问用户和密码设定
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin #-c会新建密码文件(已存在则覆盖),以后再添加用户时不要带-c
---->启动nagios and httpd服务,以备首次登录nagios页面
/etc/init.d/nagios start
/etc/init.d/httpd start
输入上面添加的用户名和密码登录
在192.168.0.13配置mysql主机
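---->在 mysql主机创建检测监控账户(注意:下面的grant没有为nagios账户设置密码,只靠来源地址192.168.0.1限制访问;生产环境建议在grant语句中加上 identified by '<密码>',并让check_mysql带密码连接)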
mysql> create database nagdb;
Query OK, 1 row affected (0.12 sec)
mysql> grant select on nagdb.* to nagios@'192.168.0.1';
Query OK, 0 rows affected (0.16 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.07 sec)
---->在nagios主机测试你是否可以连接到mysql主机的mysql服务
/usr/local/nagios/libexec/check_mysql -H 192.168.0.13 -u nagios -d nagdb
[root@server1 ~]# /usr/local/nagios/libexec/check_mysql -H 192.168.0.13 -u nagios -d nagdb
Uptime: 47133 Threads: 15 Questions: 59930 Slow queries: 0 Opens: 510 Flush tables: 1
Open tables: 64 Queries per second avg: 1.271
在nagios主机上添加对mysql主机的监控定义
---->hosts.cfg添加如下行
vim /usr/local/nagios/etc/objects/hosts.cfg
define host{
use linux-server
host_name mysql host
alias mysql server
address 192.168.0.13
icon_image web.gif
statusmap_image web.gd2
2d_coords 300,500
3d_coords 500,200,100
}
---->services.cfg添加如下行
vim /usr/local/nagios/etc/objects/services.cfg
define service{
use local-service
host_name mysql host
service_description mysql 服务组
check_command check_mysql
}
define servicegroup{
servicegroup_name mysql 服务组
alias mysql 服务器
}
---->commands.cfg添加下面行
vim /usr/local/nagios/etc/objects/commands.cfg
define command{
command_name check_mysql
command_line $USER1$/check_mysql -H $HOSTADDRESS$ -u nagios -d nagdb
}
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
---->检测无错后重载nagios
/etc/init.d/nagios reload
Nagios通过Nrpe监控主机状况
远程主机设定
useradd nagios
tar zxf nagios-plugins-1.4.15.tar.gz #nagios插件安装
cd nagios-plugins-1.4.15
./configure --with-nagios-user=nagios --with-nagios-group=nagios --enable-perl-modules \
--enable-extra-opts --enable-libtap
make; make install
yum install xinetd -y
tar -zxf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure
make all
make install-plugin
make install-daemon
make install-daemon-config
make install-xinetd
vim /etc/xinetd.d/nrpe 修改如下行
only_from = 192.168.0.1 #nagios主机IP
vim /etc/services 添加如下行
nrpe 5666/tcp #添加nrpe服务监听端口
vim /usr/local/nagios/etc/nrpe.cfg
....
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p / #根分区监测
command[check_zombie_procs]=/usr/local/nagios/libexec/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c 200
....
/etc/init.d/xinetd restart
[root@server13 ~]# netstat -antlp | grep 5666 有如下输出说明nrpe正常启动
tcp 0 0 :::5666 :::* LISTEN 5793/xinetd
监控(nagios)主机设定
软件下载:
tar -zxf nrpe-2.12.tar.gz
cd nrpe-2.12
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make all
make install-plugin
---->有如下输出表示连接正常
[ ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.0.13
NRPE v2.12
vim /usr/local/nagios/etc/objects/commands.cfg 添加如下行
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
---->测试远程主机的 / 的使用率
[ ~]# cd /usr/local/nagios/libexec/
[ ~]#./check_nrpe -H 192.168.0.13 -c check_disk
DISK OK - free space: / 2714 MB (47% inode=70%);| /=2984MB;4803;5403;0;6004
vim /usr/local/nagios/etc/objects/services.cfg 添加如下行
define service{
use local-service #generic-service
host_name mysql host
service_description CPU Load
check_command check_nrpe!check_load
}
define service{
use local-service #generic-service
host_name mysql host
service_description Current Users
check_command check_nrpe!check_users
}
define service{
use local-service #generic-service
host_name mysql host
service_description / Free Space
check_command check_nrpe!check_disk
}
define service{
use local-service #generic-service
host_name mysql host
service_description Total Processes
check_command check_nrpe!check_total_procs
}
define service{
use local-service #generic-service
host_name mysql host
service_description Zombie Processes
check_command check_nrpe!check_zombie_procs
}
define servicegroup{
servicegroup_name database
alias mysql
members mysql host,CPU Load,mysql host,/ Free Space #根据需要添加成员;服务名须与service_description完全一致(区分大小写)
}
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg #检测文件无误后重载nagios服务
/etc/init.d/nagios reload
url=显示文件编辑后页面变化
nagios整合fetion实现故障报警
下载飞信软件与支持库:/
cp fetion /usr/local/nagios/libexec
chmod +x /usr/local/nagios/libexec/fetion
chown nagios.nagios /usr/local/nagios/libexec/fetion
tar -zxf linuxso_20101113.tar.gz -C /usr/local/lib
chmod +x /usr/local/lib/*
ldconfig /usr/local/lib/
编辑下面文件将fetion模块的路径写入文件后,执行ldconfig
这样做可避免多次执行ldconfig /usr/local/lib/
vim /etc/ld.so.conf.d/fetion.conf
/usr/local/lib
ldconfig #使上面的更改生效
yum install keyutils-libs libcom_err libselinux krb5-libs zlib -y
####以nagios身份运行以下命令
[ ~]$ /usr/local/nagios/libexec/fetion --mobile=152******** --pwd=飞信密码 \
--to=152******** --msg-utf8="Good Luck"
注:密码写在命令行参数中,命令运行期间同机其他用户可在进程列表中看到,也会留在shell历史记录里
注:第一次发飞信,要求输入验证码,生成验证码的图片在/usr/local/nagios/libexec/
####以脚本的方式实现飞信的发送
vim /usr/local/nagios/libexec/fetion.sh
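#!/bin/sh
# fetion.sh - send one Fetion SMS alert.
#   $1  recipient mobile number
#   $2  message text (UTF-8)
# The sender account and its password are embedded below, so this file should
# be owned by the nagios user and not readable by anyone else (mode 700).
# The password is also passed on the fetion command line, where it is visible
# in the process list while the command runs.
/usr/local/nagios/libexec/fetion --mobile=152******** --pwd=飞信密码 --to="$1" \
  --msg-utf8="$2" > /dev/null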
chmod +x /usr/local/nagios/libexec/fetion.sh #脚本中写有飞信密码,建议改为chmod 700,使其仅属主(下一行chown设为nagios)可读可执行
chown nagios.nagios /usr/local/nagios/libexec/fetion.sh
/usr/local/nagios/libexec/fetion.sh 152******** "hello world"
####编辑文件添加红色字体语句
vim /usr/local/nagios/etc/objects/templates.cfg
service_notification_commands notify-service-by-email, notify-service-by-fetion
host_notification_commands notify-host-by-email, notify-host-by-fetion
vim /usr/local/nagios/etc/objects/commands.cfg
#'notify-host-by-fetion' command definition
define command{
command_name notify-host-by-fetion
command_line $USER1$/fetion.sh $CONTACTPAGER$ "$NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$"
}
#'notify-service-by-fetion' command definition
define command{
command_name notify-service-by-fetion
command_line $USER1$/fetion.sh $CONTACTPAGER$ "$NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$"
}
vim /usr/local/nagios/etc/objects/contacts.cfg
....
pager 152********
....
接下来就可以测试了,尝试着制造几个故障,再将故障排除,看是否会收到飞信和邮件的报警信息。