Network Monitoring with Nagios

Matt Gracie, Information Security Administrator
Canisius College, Buffalo, NY

Canisius College is one of 28 Jesuit colleges in the nation and the
premier private college in Western New York. Canisius prepares
leaders – intelligent, caring, faithful individuals – able to pursue and
promote excellence in their professions, communities and service to

org .from www.” -. end-users or managers do.nagios. What is Nagios? “Nagios is a host and service monitor designed to inform you of network problems before your clients.

Additionally. the machine should have an HTTP server and a TCP stack available. unless you choose to pay for professional support. Nagios was originally written to run under Linux. What Is Required? Nagios is an open source tool released under the terms of the GNU General Public License (GPL). There is no cost to use the software. . but it should work under almost any Unix variant with a C compiler. . the daemon can send notifications out to administrative contacts in a variety of different ways (email. and reports can all be accessed via a web browser.” --from www. SMS. How does it work? “The monitoring daemon runs intermittent checks on hosts and services you specify using external "plugins" which return status information to Nagios.). instant message. When problems are encountered. historical logs. Current status information. etc.

Generally. Why Did We Start Using It? Sometimes. nobody knows who is responsible for a particular computer. . this turns out to be a problem.

4 Ghz Pentium 4 desktop computer. Though our installation is a little behind the current 2.6 Ghz Opteron blade.X series. we are running it on a 2.4 on Debian GNU/Linux. so the content of this presentation should be applicable to an installation of a newer version as well. . It is being used to constantly monitor 584 services across 345 different hosts. Our Setup We are running Nagios 1. ranging from switches and routers to various types of servers. The initial. test implementation was running on a 1. Currently. there are very few differences in functionality.

While there are many additional files and options. the truly necessary ones for a basic implementation are: ● hosts.cfg .cfg ● hostgroups.cfg ● services.cfg ● contacts.cfg ● contactgroups. Configuration Files The majority of the configuration in Nagios is handled via text files in the /etc/nagios directory of the server.

to monitor its own status. such as check_disk. If it stops responding. the Nagios Server will alert the people designated as contacts for the Web Server. the Nagios Server will periodically ping the Web Server to make sure that it is still responding to network traffic. The Nagios Server will also use plugins. . The Simplest Setup In this configuration.

. NRPE In this case. and send alerts based on configured thresholds. on the Web Server. This allows the Nagios Server to monitor private information. the Nagios Server will use the NRPE (Nagios Remote Plugin Execution) service running on the Web Server to run plugins on the remote machine. such as CPU load or disk space.

NSCA In this case. the Database Server uses the send_nsca utility to submit passive reports to the Nagios Server. . instead. This allows the Nagios Server to stay abreast of the Database Server's status without requiring a specific firewall hole to accommodate it. So. the Nagios Server cannot reach the Database Server because of the intervening firewall.

More Advanced Features .

. to schedule downtime for hosts or individual services. using the web interface for Nagios. This means that the checks for those hosts and services will be suspended until the scheduled downtime ends. Scheduled Downtime It is possible.

For example. if a machine is prone to having its Apache installation crash. . Event Handlers An event handler is an automatic script that kicks off when a monitored service enters a particular state. a script could be written that attempts to restart the daemon and only mails the admin if this is unsuccessful.

managers. a method of alerting additional or different groups of administrators when a problem goes unsolved. define serviceescalation{ define serviceescalation{ host_name webserver host_name webserver service_description HTTP service_description HTTP first_notification 3 first_notification 6 last_notification 5 last_notification 10 notification_interval 90 notification_interval 60 contact_groups nt.managers admins. Notification Escalations Nagios supports Notification Escalations. contact_groups nt- admins.everyone } } Initial Alert Escalated Alert .

services on the Web Server will be unreachable from the Nagios Server if there's something wrong with the Border Router. . Nagios allows for Service Dependencies to be added to the configuration. so that in a situation like that. the Web Server would not be checked until the Border Router is functioning properly again. Service Dependencies In a case like this.

Distributed Monitoring .

. it's very simple to draw that information out for other purposes. Alternative Frontends Because Nagios stores all of its information in a standard MySQL database. so that they can see in real time if a host is down. This is a web frontend to the Nagios database that I made for our Help Desk.

● Fruity ● Nagmin ● Nagat ● nagiosgraph ● And many.. Third-Party Tools There are a lot of third-party tools available for Nagios. . many more..

Summary .

org Complete Guide to Nagios Network Monitoring with Nagios . More Information Nagios Home Page Nagios Exchange (Third-party products) http://www.nagiosexchange.