In this case, you need to check on the /etc/xinetd.d/nrpe as following.
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 10.1.2.2
}
You need to make sure the only_from ip is the IP for nagios monitoring server.
If the only_from IP is not correct, rectify it and then restart xinetd.d by using the following command.
[admin@remotehost ~]$ sudo /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
If the nrpe setting is already correct, then you need to check in /var/log/messages in the remote host. You might see the following error.
Jul 29 13:36:56 remotehost xinetd[7336]: FAIL: nrpe address from=10.1.2.2
Jul 29 13:36:56 remotehost xinetd[6595]: START: nrpe pid=7336 from=10.1.2.2
Jul 29 13:36:56 remotehost xinetd[6595]: EXIT: nrpe status=0 pid=7336 duration=0(sec)
Try to restart xinetd daemon using the command above and then check on /var/log/messages again. If you see the following error, it might mean that xinetd had problem to start up nrpe becuase of its bug to release the address.
Jul 29 13:35:54 remotehost xinetd[6595]: bind failed (Address already in use (errno = 98)). service = nrpe
Jul 29 13:35:54 remotehost xinetd[6595]: Service nrpe failed to start and is deactivated.
Jul 29 13:35:54 remotehost xinetd[6595]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 10.1.2.2
}
You need to make sure the only_from ip is the IP for nagios monitoring server.
If the only_from IP is not correct, rectify it and then restart xinetd.d by using the following command.
[admin@remotehost ~]$ sudo /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
If the nrpe setting is already correct, then you need to check in /var/log/messages in the remote host. You might see the following error.
Jul 29 13:36:56 remotehost xinetd[7336]: FAIL: nrpe address from=10.1.2.2
Jul 29 13:36:56 remotehost xinetd[6595]: START: nrpe pid=7336 from=10.1.2.2
Jul 29 13:36:56 remotehost xinetd[6595]: EXIT: nrpe status=0 pid=7336 duration=0(sec)
Try to restart xinetd daemon using the command above and then check on /var/log/messages again. If you see the following error, it might mean that xinetd had problem to start up nrpe becuase of its bug to release the address.
Jul 29 13:35:54 remotehost xinetd[6595]: bind failed (Address already in use (errno = 98)). service = nrpe
Jul 29 13:35:54 remotehost xinetd[6595]: Service nrpe failed to start and is deactivated.
Jul 29 13:35:54 remotehost xinetd[6595]: xinetd Version 2.3.14 started with libwrap loadavg labeled-networking options compiled in.
In
this case, you cannot start nrpe as embeded service in xinetd since this
is a bug in xinetd. To fix this, you can start nrpe as standalone
daemon. Before you started nrpe as standalone daemon, you need to verify
the configuration in /usr/local/nagios/etc/nrpe.cfg. The following are
two parameters that you need to take care of. The value for
allowed_hosts should be the ip of nagios monitoring host and the
server_port is 5666.
allowed_hosts=10.1.8.2
server_port=5666
Besides, you need to make sure xinetd is not running or you need to remove /etc/xinetd.d/nrpe and restart xinetd daemon.
Then, you can issue the following command to start nrpe as standalone daemon.
[admin@remotehost]$ /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
You should see the following log in /var/log/messages.
Jul 29 14:18:31 remotehost nrpe[5947]: Starting up daemon
Jul 29 14:18:31 remotehost nrpe[5947]: Listening for connections on port 5666
Jul 29 14:18:31 remotehost nrpe[5947]: Allowing connections from: 10.1.2.2
Jul 29 14:18:31 remotehost nrpe[5947]: Listening for connections on port 5666
Jul 29 14:18:31 remotehost nrpe[5947]: Allowing connections from: 10.1.2.2
In this case, you can now verify the nrpe connection by running check_nrpe from nagios monitoring host as following.
[admin@monitoringhost ~]$ /usr/local/nagios/libexec/check_nrpe -H 10.1.2.12
NRPE v2.12
No more error 'CHECK_NRPE: Error - Could not complete SSL handshake.' now.NRPE v2.12
No comments:
Post a Comment