近段时间一直在研究nagios监控系统,借鉴了不少高手的文章,费了不少功夫总算把它搞定了,以下就是具体的安装过程,更深层的监控项目还有待进一步研究,希望大家给点建设!!
#===========================安装 Nagios ========================================
cd /opt
groupadd nagios
groupadd nagcmd
useradd nagios -g nagcmd -d /usr/local/nagios
chown nagios.nagios /usr/local/nagios/
chmod 755 /usr/local/nagios
wget [url]http://osdn.dl.sourceforge.net/sourceforge/nagios/nagios-3.0.2.tar.gz[/url]
tar -zxvf nagios-3.0.2.tar.gz
cd nagios-3.0.2
./configure --with-command-group=nagcmd
make all
make install
make install-init
make install-config
make install-commandmode
/usr/local/apache2/bin/htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
#编辑httpd.conf配置文件
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
<Directory "/usr/local/nagios/sbin">
# SSLRequireSSL
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
# SSLRequireSSL
Options None
AllowOverride None
Order allow,deny
Allow from all
# Order deny,allow
# Deny from all
# Allow from 127.0.0.1
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/nagios/etc/htpasswd.users
Require valid-user
</Directory>
#重启apache
killall httpd
#============================安装nagios plugins=========================
cd /opt
wget [url]http://osdn.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz[/url]
tar -zxvf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
./configure --prefix=/usr/local/nagios --with-nagios-user=nagios --with-nagios-gourp=nagios --with-mysql=/usr/local/mysql5/ --enable-perl-modules
make
make install
#配置和启动nagios
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
#如果提示“Whoops! Error: Could not read object configuration data! ”,这是因为没有启动nagios后台进程,执行以下命令
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
#=============================安装nrpe 插件==============================
#对远程一台linux主机进行监控
#监控服务器上安装设置
cd /opt
wget [url]http://www.mirrors.wiretapped.net/security/network-monitoring/nagios/nrpe-2.8.1.tar.gz[/url]
#监控主机上安装方法
tar -zxvf nrpe-2.8.1.tar.gz
cd nrpe-2.8.1
./configure
make all
make install
make install-plugin ---监控机需要安装check_nrpe这个插件,被监控机并不需要
##########################################################################
#被监控主机上安装方法
cd /opt
useradd nagios -d /usr/local/nagios
chown nagios.nagios /usr/local/nagios/
tar -zxvf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
./configure --enable-perl-modules --with-ping-command=ping
make
make install
cd /opt
tar -zxvf nrpe-2.8.1.tar.gz
cd nrpe-2.8.1
./configure
make all
make install
make install-plugin
make install-daemon
make install-daemon-config
vi /usr/local/nagios/etc/nrpe.conf
allowed_hosts=192.168.8.150
#为了监控swap在nrpe.cfg中添加
command[check_swap]=/usr/local/nagios/libexec/check_swap -w 20% -c 10%
command[check_sda1]=/usr/local/nagios/libexec/check_disk -w 20 -c 10 -p /dev/sda1
#sdb1可根椐实际情况更改,我这里的硬盘类型是scsi
vi /etc/services
#增加nrpe
nrpe 5666/tcp # nrpe
#启动nrpe
/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
netstat -at|grep nrpe
netstat -an|grep 5666
#############################################################################
#再对监控服务器进行设置
#添加nrpe的定义
vi /usr/local/nagios/etc/objects/commands.cfg
# 'check_nrpe ' command definition
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
vi /usr/local/nagios/etc/cgi.cfg
把use_authentication=1修改为use_authentication=0如果出现页面无法显示之类的
authorized_for_system_commands=nagiosadmin,kerry --kerry为http访问授权用户
authorized_for_all_services=nagiosadmin,kerry
authorized_for_all_hosts=nagiosadmin,kerry
authorized_for_all_service_commands=nagiosadmin,kerry
authorized_for_all_host_commands=nagiosadmin,kerry
#测试NRPE是否则正常工作
/usr/local/nagios/libexec/check_nrpe -H localhost
killall nagios
/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg
echo "/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg �d" >> /etc/rc.local
ehco "/usr/local/nagios/bin/nagios -d /usr/local/nagios/etc/nagios.cfg" >>/etc/rc.local
#问题:notifications for this service have been disabled
#解决办法:enable notifications for this service
#问题:Status Map页面无法显示
#解决方法:ln -s /usr/local/lib/libgd.so.2 /usr/lib/libgd.so.2
vi /usr/local/nagios/etc/nagios.cfg
#添加
cfg_file=/usr/local/nagios/etc/objects/emos-mailserver.cfg
#emos-mailserver.cfg这个文件名可以自定义
#对刚定义的emos-mailserver.cfg文件进行配置
vi /usr/local/nagios/etc/objects/emos-mailserver.cfg
define host{
use linux-server
host_name emos-mailserver
alias emos-mailserver
address 192.168.8.151
}
define service{
use generic-service
host_name emos-mailserver
service_description HTTP
check_command check_http
}
define service{
use generic-service
host_name emos-mailserver
service_description SSH
check_command check_ssh
}
define service{
use generic-service
host_name emos-mailserver
service_description SMTP
check_command check_smtp
}
define service{
use generic-service
host_name emos-mailserver
service_description POP3
check_command check_pop
}
#define service{
# use generic-service
# host_name emos-mailserver
# service_description mysql
# check_command check_mysql
# }
define service{
use generic-service
host_name emos-mailserver
service_description check-swap
check_command check_nrpe!check_swap
}
define service{
use generic-service
host_name emos-mailserver
service_description check-load
check_command check_nrpe!check_load
}
define service{
use generic-service
host_name emos-mailserver
service_description check-disk
check_command check_nrpe!check_sda1
}
define service{
use generic-service
host_name emos-mailserver
service_description zombie_procs
check_command check_nrpe!check_zombie_procs
}
define service{
use generic-service
host_name emos-mailserver
service_description check-users
check_command check_nrpe!check_users
}
define service{
use generic-service
host_name emos-mailserver
service_description total_procs
check_command check_nrpe!check_total_procs
#配置完后,重启nagios
killall nagios
service nagios start
pstree |grep nagios
[url]http://192.168.8.150/nagios[/url]
#=============================安装 pnp===============================================
cd /opt
tar zxvf pnp-0.4.12.tar.gz
cd pnp-0.4.12
./configure --with-nagios-user=nagios \
--with-nagios-group-nagios \
--with-rrdtool=/usr/local/rrdtool/bin/rrdtool \
--with-perfdata-dir=/usr/local/nagios/share/perfdata
make
make all
make install
make install-config
make install-init
#错误提示:RRDs Perl Modules: *** NOT FOUND ***
#解决方法:ln -sv /usr/local/rrdtool/lib/perl/5.8.8/i386-linux-thread-multi/auto/RRDs/RRDs.so /usr/lib/perl5/5.8.8/i386-linux-thread-multi/
#要产生图形数据还需在commands.cfg中重定义命令:
define command{
command_name process-service-perfdata
command_line /usr/local/nagios/libexec/process_perfdata.pl
}
#产生图形数据还要设定nagios.cfg文件:
process_performance_data=1
service_perfdata_command=process-service-perfdata
[url]http://192.168.8.150/nagios/pnp/[/url]
#==========================监控远程windows主机==================================
#监控windows服务器
wget [url]http://nchc.dl.sourceforge.net/sourceforge/nscplus/NSClient++-Win32-0.3.5.zip[/url]
解压nsclient++0.3.3.zip到c盘根目录
解压为C:\NSClient++
#在nagios监控服务器上
vi /usr/local/nagios/etc/nagios.cfg
cfg_file=/usr/local/nagios/etc/objects/windows.cfg 去掉这句话的注释
#到win服务器上,打开命令窗口,cd到刚才解压的目录
#在命令行界面执行 nsclient++ /install
#然后 nsclient++ SysTray 如果出错不用管!
#此时在“服务”里面已经有了nsclient的服务
双击打开,点"登录"标签,在"允许服务与桌面交互"前打勾
#编辑NES.ini,在 [modules] 选项里,去掉所有的注释符号; 除了
CheckWMI.dll和RemoteConfiguration.dll
#the [Settings] 选项里
修改allowd_host=192.168.8.150(nagios服务器的ip)
#[NSClient] 里面,去掉port=12489的注释!他靠端口12489侦听,所以防火墙要打开这个端口!
在[Settings]部分设置'password'选项来设置密码,作用是在nagios连接过来时要求提供密码.这一步是可选的,我这里方便起见跳过它,不要密码.
#然后启动nsclient
nsclient++ /start
#接下来我们开始配置nagios服务器里面的内容
vi /usr/local/nagios/etc/objects/windows.cfg
define host{
use windows-server
host_name winserver alias
My Windows Server
address 192.168.8.151 --windows服务器的IP地址
}
#修改hostname和address,很重要!!
#重新启动监控服务器上的nagios
killall nagios
service nagios start
#==============================安装 sengEmail ==================================
#使用sendEmail发送报警邮件
cd /opt
wget [url]http://caspian.dotconf.net/menu/Software/SendEmail/sendEmail-v1.55.tar.gz[/url]
tar -zxvf sendEmail-v1.55.tar.gz
cd sendEmail-v1.55
cp sendEmail /usr/local/bin
chmod +x /usr/local/bin/sendEmail
#sendEmail使用方法
/usr/local/bin/sendEmail �f [email protected] �t [email protected] �s mail.3aaa.com �u “from nagios” �xu [email protected] �xp 11111 �m happy
#解释:-f 表示发送者的邮箱
-t 表示接收者的邮箱
-s 表示SMTP服务器的域名或者ip
-u 表示邮件的主题
-xu 表示SMTP验证的用户名
-xp 表示SMTP验证的密码(注意,这个密码貌似有限制,例如我用d!5neyland就不能被正确识别)
-m 表示邮件的内容如果你不带-m参数的话,就会提示你自行输入
#编辑配置文件,nagios使用sendEmail来发警告邮件
vi /usr/local/nagios/etc/objects/commands.cfg
# 'notify-host-by-email' command definition
define command{
command_name notify-host-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/local/bin/sendEmail �f [email protected] �t $CONTACTEMAIL$ �s mail.3aaa.com �u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" �[email protected] �xp 11111
}
# 'notify-service-by-email' command definition
define command{
command_name notify-service-by-email
command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /usr/local/bin/sendEmail �f [email protected] �t $CONTACTEMAIL$ �s mail.3aaa.com �u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" �[email protected] �xp 111111
}
#注:在使用sendEmail的过程中无法发送报警邮件,不知是什么原因,只好改用系统自带的sendmail发邮件!!