Lab #8 - Nagios Monitoring & Munin Statistics

Lab Steps:
I.

Stanislav

Installing and Basic Configuration of Nagios A. Install nagios-plugins and nagios using yum B. Edit /etc/httpd/conf.d/nagios.conf 1. Set “AuthUserFile” in *both* locations to /home/bjones/.htpasswd 2. Uncomment “SSLRequireSSL” for *both* locations C. Restart the httpd service to enable the new Nagios configuration. D. Edit /etc/nagios/nagios.cfg 1. Set log_rotation_method to weekly 2. Disable check_for_updates 3. Set admin_email to bjones@mail.mynet 4. Set admin_pager to bjones@mail.mynet E. Edit /etc/nagios/cgi.cfg 1. Set authorized_for_system_information to bjones 2. Set authorized_for_configuration_information to bjones 3. Set authorized_for_system_commands to bjones 4. Set authorized_for_all_services to bjones 5. Set authorized_for_all_hosts to bjones 6. Set authorized_for_all_service_commands to bjones 7. Set authorized_for_all_host_commands to bjones 8. Set refresh_rate to 60 F. Edit /etc/nagios/objects/contacts.cfg 1. Set contact_name to bjones 2. Set alias to Bob Jones 3. Set email to bjones@mail.mynet 4. Under “contactgroup” set members as bjones G. Configure nagios to start automatically on boot and load the service now. H. Go to “https://<your VM IP>/nagios and authenticate as bjones with the password testing123 Fixing SSH Service Monitoring A. Inside of Nagios, click on Hosts link from the navigation and then click the entry for localhost. B. At the bottom of the screen, click Add a new comment and write a comment for “Nagios Server”. C. Click on the Services link from the navigation and notice that SSH is marked as critical. D. Click on the link for SSH. You can observe the length of downtime and the status information. E. Click the Acknowledge this service problem link from the box on the right side of the page. F. Add a comment of “SSH not on standard port 22”. Click on Services from the navigation again. G. You will observe the ʻworkerʼ icon and ʻcomment bubbleʼ next to SSH now. H. Edit /etc/nagios/objects/localhost.cfg and set the SSH service to use a check_command of check_ssh!-p2222 rather than the default of just check_ssh I. Restart nagios to use the updated configuration. Your critical situation should now go away soon. Testing Nagios Plugins Manually A. Execute an updatedb && locate check_ssh to find where the plugins path is. B. Execute that plugin without any parameters to see the proper syntax. C. Pass the option to specify port 2222 and localhost. Verify you get a valid status. D. Test the check_ntp command using time-a.nist.gov as your host. E. Check your e-mail queue by running the check_mailq plugin with the parameters -w 1 -c 5 F. Lastly use check_dns for mail.mynet

II.

III.

IV. ! # # # # # # ! # # # # # #

Adding SMTP and IMAP Service Monitoring A. Edit /etc/nagios/objects/localhost.cfg and add the following lines to the bottom of the file: ! define service { # # use# # # local-service # # host_name# # localhost # # service_description# SMTP # # check_command# check_smtp # # notifications_enabled# 1 # } ! define service { # # use# # # local-service # # host_name# # localhost # # service_description# IMAP # # check_command# check_imap # # notifications_enabled# 1 # }# # B. Restart the Nagios service and view the services for localhost again, IMAP/SMTP should be either “PENDING” or have valid statuses now. Wait for Nagios to auto-refresh if needed. Installing and Configuring Munin A. Install munin and munin-node using yum B. Edit /etc/munin/munin-node.conf and add allow ^10\.0\.0\.0$ C. Restart httpd to enable the new configuration file that was installed for Apache. D. Start the munin-node service and have it automatically load on system boot. E. Using your web browser on your host machine, go to https://<your VM IP>/munin/ 1. Note: It may take a few minutes to generate pages. Just wait if you donʼt see content. F. Run ln -s /usr/share/munin/plugins/bind9 /etc/munin/plugins/ and restart munin-node G. Refresh the Munin web site until you see an Other section to your graph list. DNS stats are here. H. Link the plugins: amavis, apache_accesses, named, postfix_mailstats, spamstats and restart munin-node and refresh the Munin site again until your new plugins show up. Password Protect Munin Site A. Edit /etc/httpd/conf.d/munin.conf to match the following lines: ScriptAlias /munin/cgi/ /var/www/munin/cgi/ <Directory /var/www/munin/cgi/> Options ExecCGI AuthName Munin AuthType Basic AuthUserFile /home/bjones/.htpasswd Require valid-user </Directory> Alias /munin/ /var/www/munin/ <Directory /var/www/munin/> AuthName Munin AuthType Basic AuthUserFile /home/bjones/.htpasswd Require valid-user </Directory> B. Restart the httpd service to have your configuration changes used. Test it. C. Logout of all shells. Save a VM snapshot and call it “Lab #8 Completed”.

V.

VI.

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.