# cd /usr/ports/net-mgmt/nagios
# make install clean
*** Config files installed ***
Remember, these are *SAMPLE* config files. You'll need to read
the documentation for more information on how to actually define
services, hosts, etc. to fit your particular needs.
**********************************************************************
Enable Nagios in /etc/rc.conf with the following line:
nagios_enable="YES"
Configuration templates are available in /usr/local/etc/nagios as
*.cfg-sample files. Copy them to *.cfg files where required and
edit to suit your needs. Documentation is available in HTML form
in /usr/local/www/nagios/docs.
If you don't already have a web server running, you will need to
install and configure one to finish off your Nagios installation.
When used with Apache, the following should be sufficient to publish
the web component of Nagios (modify the allow list to suit):
Order deny,allow
Deny from all
Allow from 127.0.0.1
php_flag engine on
php_admin_value open_basedir /usr/local/www/nagios/:/var/spool/nagios/
Options ExecCGI
ScriptAlias /nagios/cgi-bin/ /usr/local/www/nagios/cgi-bin/
Alias /nagios/ /usr/local/www/nagios/
按照上面的提示继续配置:
# echo " nagios_enable="YES"" >>/etc/rc.conf
# ee /usr/local/etc/apache22/Includes/nagios.conf
加入上面的网站配置文档。
# /usr/local/etc/rc.d/apache22 restart
# /usr/local/etc/rc.d/nagios start
问题1:
访问 nagios web界面提示
It appears as though you do not have permission to view information for any of the services you requested...
打开cgi.cfg配置文件,里面有个参数:
use_authentication=1
为了保障系统的安全性,nagios设置了这个参数,默认为1,改为0即可
最后看文档为了安全建议用use_authentication=1,可是不知道为啥,就是不对,而且在访问的时候也没有登录提示。不能登录,何来身份验证喃。原来是nagios的网站配置文档,freebsd没有加入登录验证。
查看资料将nagios.conf配置修改添加de>AllowOverride AuthConfig,用apache服务器实现用户验证
AllowOverride AuthConfig
Order deny,allow
Deny from all
Allow from 127.0.0.1 192.168.101.0/24
php_flag engine on
php_admin_value open_basedir /usr/local/www/nagios/:/var/spool/nagios/
Options ExecCGI
ScriptAlias /nagios/cgi-bin/ /usr/local/www/nagios/cgi-bin/
Alias /nagios/ /usr/local/www/nagios/
这里是给nagios配置虚拟路径,同时加上简单认证
下面创建认证文件
vi /usr/local/www/nagios/cgi-bin/.htaccess
内容为
AuthName “Nagios Access”
AuthType Basic
AuthUserFile /usr/local/etc/nagios/htpasswd.users
require valid-user
然后
# htpasswd -c /usr/local/etc/nagios/htpasswd.users nagiosadmin(因为nagios.cfg默认用户为nagiosadmin)
重启apache
# /usr/local/etc/rc.d/apache22 restart
终于看到了熟悉的登录对话框,问题解决了。
问题2
准备对windows做监控,缺发现freebsd安装完后在objects目录没有windows.cfg模板文件。
# cd /usr/ports/distfiles
# tar -zxvf nagios-3.2.0.tar.gz
# cp /usr/ports/distfiles/nagios-3.2.0/sample-config/template-object/windows.cfg.in /usr/local/etc/nagis/objiects/windows.cfg
问题3
如果想指定保存在Windows机器上NSClient++配置文件里的口令,可以修改check_nt命令定义,让它带着口令。编辑方式打开commands.cfg文件。
vi /usr/local/etc/nagios/commands.cfg
修改check_nt命令的定义,带上"-s "命令参数(这里的PASSWORD 要换成你Windows机器的真正口令),象这样:
define command{
command_name check_nt
command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -s PASSWORD -v $ARG1$ $ARG2$
}
问题4 email报警
# cd /usr/ports/mail/ssmtp
# make install clean
To replace sendmail with ssmtp type "make replace"
However, before you can use the program, you should copy the files
"revaliases.sample" and "ssmtp.conf.sample" in /usr/local/etc/ssmtp
to "revaliases" and "ssmtp.conf" respectively and edit them to suit
your needs.
# cd /usr/local/etc/ssmtp
# cp ssmtp.conf.sample ssmtp.conf
# vi ssmtp.conf
上面的方法我没有测试了,我就用的sendmail直接发的邮件,估计是因为我的固定ip正好有mx的解析记录。139的邮箱一开始就能收到通告邮件,只是把它当成垃圾邮件。于是添加白名单,修改垃圾邮件标识。现在能正常的收到短信通知了。
首先修改contacts.cfg部分的email,改成你自己的邮箱就行了
问题5
用snmp 监控交换机端口情况,提示unknow,我的交换机型号为H3C 3100 26TP SI
nagios模板用的参数如下: check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB
在nagios服务器上用# snmpwalk -c public -v 1 192.168.101.252 更本就没有ifOperStatus.1的ID号。瞎折腾了一阵,终于找到了正确的ID信息。用下面的命令最省事了。
# snmpwalk -c public -v 1 192.168.101.252 | grep Ethernet
IF-MIB::ifDescr.4227626 = STRING: Ethernet1/0/1
IF-MIB::ifDescr.4227634 = STRING: Ethernet1/0/2
IF-MIB::ifDescr.4227642 = STRING: Ethernet1/0/3
IF-MIB::ifDescr.4227650 = STRING: Ethernet1/0/4
IF-MIB::ifDescr.4227658 = STRING: Ethernet1/0/5
IF-MIB::ifDescr.4227666 = STRING: Ethernet1/0/6
IF-MIB::ifDescr.4227674 = STRING: Ethernet1/0/7
IF-MIB::ifDescr.4227682 = STRING: Ethernet1/0/8
IF-MIB::ifDescr.4227690 = STRING: Ethernet1/0/9
IF-MIB::ifDescr.4227698 = STRING: Ethernet1/0/10
IF-MIB::ifDescr.4227706 = STRING: Ethernet1/0/11
IF-MIB::ifDescr.4227714 = STRING: Ethernet1/0/12
IF-MIB::ifDescr.4227722 = STRING: Ethernet1/0/13
IF-MIB::ifDescr.4227730 = STRING: Ethernet1/0/14
IF-MIB::ifDescr.4227738 = STRING: Ethernet1/0/15
IF-MIB::ifDescr.4227746 = STRING: Ethernet1/0/16
IF-MIB::ifDescr.4227754 = STRING: Ethernet1/0/17
IF-MIB::ifDescr.4227762 = STRING: Ethernet1/0/18
IF-MIB::ifDescr.4227770 = STRING: Ethernet1/0/19
IF-MIB::ifDescr.4227778 = STRING: Ethernet1/0/20
IF-MIB::ifDescr.4227786 = STRING: Ethernet1/0/21
IF-MIB::ifDescr.4227794 = STRING: Ethernet1/0/22
IF-MIB::ifDescr.4227802 = STRING: Ethernet1/0/23
IF-MIB::ifDescr.4227810 = STRING: Ethernet1/0/24
IF-MIB::ifDescr.4228057 = STRING: GigabitEthernet1/1/1
IF-MIB::ifDescr.4228065 = STRING: GigabitEthernet1/1/2
IF-MIB::ifDescr.4228473 = STRING: GigabitEthernet1/2/1
IF-MIB::ifDescr.4228481 = STRING: GigabitEthernet1/2/2
要监控哪个端口,自己修改就好了。
比如要监控GigabitEthernet1/1/1的话,就改成下面的样子:
check_snmp!-C public -o ifOperStatus.4228057 -r 1 -m RFC1213-MIB
而且我这边的这几台交换机的ID号是相同的,因为没有其他的设备测试,不是知道这个是华为统一使用的标准还是3100的标准。反正找到正确的方法才是硬道理。
阅读(917) | 评论(0) | 转发(0) |
