nothing is impossible!!!!

nothing is impossible!!!!

Tuesday, June 30, 2009

Nagios: How to monitor a website

check_http supports arguments like hostname, hostaddress, URI etc.
you can have,
check_http -H $ARG1 -I $ARG2 -u $ARG3
$ARG1 - hostname
$ARG2 - hostaddress
$ARG3 - URI -

Also check "check_http --help" for more details.

Nagios: Adding Cisco enterprise MIBs

(Taken from nagios user list)

- Default directory for snmp mibs are /usr/share/snmp/mibs/ if you have libsnmp-base package installed.

- to verify that the mibs are working, you can use a mib browser such as mbrowse (apt-get install mbrowse).

- not all OIDs in a MIB are supported for all IOS versions. Cisco usually has a link for each IOS version and what MIBs are supported.

- once the mib is verified and working, use the check_snmp check_command
in your .cfg files of the routers and switches you want to monitor.

Nagios: Default parameter with check_total_procs

We define service like this,

define service{
service_description Total_Processes
check_command check_nrpe!check_total_procs


By default this check is an execution of check_procs with only the warning and critical thresholds, so it counts all processes running on your machine.

The thresholds are configured in the nrpe.cfg on the remote machine.

- Nilesh

Install and Configure Nagios Plugins & NRPE on Solaris 10

I came across lots of issues to do this installation so here is a step by step installation of Nagios Plugins and NRPE on Solaris 10.

Add “nagios” user as “/usr/local/nagios” as home directory.

# useradd -c “Nagios User” -d /usr/local/nagios -m nagios

Change ownership of directory to nagios

# chown nagios:nagios /usr/local/nagios/

download nagios-plugins and nrpe from net. I have download them from sourceforge.

# mkdir /nagios; cd /nagios



Now extract them

# gunzip nagios-plugins-1.4.13.tar.gz; gunzip nrpe-2.12.tar.gz

# tar xvf nagios-plugins-1.4.13.tar.gz; tar xvf nrpe-2.12.tar.gz

Before compiling I had to set PATH to find gcc binary,

# export PATH=$PATH:/usr/sfw/sbin:/usr/sfw/bin:/usr/ccs/bin

# cd nagios-plugins-1.4.13;

# ./configure –without-mysql (I did want to install with mysql support)
# make; make install
# chown -R nagios:nagios /usr/local/nagios/libexec

Install NRPE with SSL library support otherwise you will get error while compilation like this,

“checking for SSL headers… configure: error: Cannot find ssl headers”

If you run “dmesg” or if you check system messages you can see this error.

May 28 19:08:26 inetd[24233]: [ID 702911 daemon.error] Failed to set credentials for the inetd_start method of instance svc:/network/nrpe/tcp:default (chdir: No such file or directory)
May 28 19:15:27 inetd[24241]: [ID 702911 daemon.error] Failed to set credentials for the inetd_start method of instance svc:/network/nrpe/tcp:default (chdir: No such file or directory)

# cd nrpe-2.12; ./configure –with-ssl=/usr/sfw/ –with-ssl-lib=/usr/sfw/lib/ –with-ssl-inc=/usr/sfw/include

Still if you compilation fails please apply these faqs/solutions given in nagios faqs.

In my case I had to make changes in src/nrpe.c for encryption. Do make all, make install to create respective binaries.

# make all; make install; make install-daemon-config;

Once that is done, modify nrpe.cfg with approprite settings. Add following line at the end of /etc/services

nrpe 5666/tcp # NRPE

Also add this line to /etc/inetd.conf and convert it into SMF and enable service with -e option. Also checkout whether it went online.

nrpe stream tcp nowait nagios /usr/sfw/sbin/tcpd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i

# inetconv; inetconv -e

# svcs | grep nrpe

Check if 5666 port is open and in LISTEN mode.

# netstat -a | grep nrpe

Make sure that your /etc/hosts.allow and /etc/hosts.deny does not block your nagios server. Here are the entries

hosts.allow: nrpe:,

hosts.deny: nrpe: ALL

Final command, make sure that nrpe returns correct output.

# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

Monday, June 29, 2009

Open Audit

There is no documentation available for this Open Source Tool. These all points written while going through open-audit documentation.

What it Open Audit?
- It audits hardware and software it discovers on the your computer.
- Use's MySQL database to store all discovered data.
- PHP used to display information stored in MySQL database.
- Apache to make it available through web interface.

What is audit.vbs?
- audit.vbs reads data from Microsoft's Windows Management Interface (WMI) and posts its findings to the server.
- OA collects the data using audit.vbs script and write directly to web server through POST method.

Schedule an audit?
- use "at" command to schedule an audit.
- audit domain everyday at some specific time, (can also use windows schedule task)
at 18:00 /interactive /every:M,T,W,Th,F,S,Su "C:\Program Files\xampp\htdocs\scripts\audit_mydomain.bat"
- audit_mydomain.bat contains something like....
@echo off
rem audit local domain pcs
cscript audit.vbs
cscript nmap.vbs

Friday, June 26, 2009

OTRS Issues - Phase I

Putting it from for my own information.
Problem: How to Clean up the database.?
- You can use the Generic Agent to remove all or some ticket based on criteria.
- With a bulk change you could set all or some tickets to state 'removed' for instance, and than run GA on it.
- Deleting customers/agents is harder, like for some other data types. You could do it in the database (phpmyadmin), or you can do like I do, recycle. Make them invalid, rename them to INVALID... en reuse (rename) when needed.

Problem : How to setup LDAP Authentication?
#Enable LDAP authentication for Customers / Users
$Self->{'Customer::AuthModule'} = 'Kernel::System::CustomerAuth::LDAP';
$Self->{'Customer::AuthModule::LDAP::Host'} = '';
$Self->{'Customer::AuthModule::LDAP::BaseDN'} =
$Self->{'Customer::AuthModule::LDAP::UID'} = 'sAMAccountName';

#The following is valid but would only be necessary if the
#anonymous user do NOT have permission to read from the LDAP tree
# $Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'otrsldap';
# $Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';
$Self->{'Customer::AuthModule::LDAP::SearchUserDN'} = 'MyDomain\otrsldap';
$Self->{'Customer::AuthModule::LDAP::SearchUserPw'} = 'password';

#(customer user database backend and settings)
$Self->{CustomerUser} = {
Module => 'Kernel::System::CustomerUser::LDAP',
Params => {
Host => '',
BaseDN => 'ou=user,ou=dublin,dc=int,dc=domain,dc=com',
SSCOPE => 'sub',
UserDN =>'otrsldap',
UserPw => 'password',

# customer unique id
CustomerKey => 'sAMAccountName',
# customer #
CustomerID => 'mail',
CustomerUserListFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchFields => ['sAMAccountName', 'cn', 'mail'],
CustomerUserSearchPrefix => '',
CustomerUserSearchSuffix => '*',
CustomerUserSearchListLimit => 250,
CustomerUserPostMasterSearchFields => ['mail'],
CustomerUserNameFields => ['givenname', 'sn'],
Map => [
# note: Login, Email and CustomerID needed!
# var, frontend, storage, shown, required, storage-type
#[ 'UserSalutation', 'Title', 'title', 1, 0, 'var' ],
[ 'UserFirstname', 'Firstname', 'givenname', 1, 1, 'var' ],
[ 'UserLastname', 'Lastname', 'sn', 1, 1, 'var' ],
[ 'UserLogin', 'Login', 'sAMAccountName', 1, 1, 'var' ],
[ 'UserEmail', 'Email', 'mail', 1, 1, 'var' ],
[ 'UserCustomerID', 'CustomerID', 'mail', 0, 1, 'var' ],
#[ 'UserPhone', 'Phone', 'telephonenumber', 1, 0, 'var' ],
#[ 'UserAddress', 'Address', 'postaladdress', 1, 0, 'var' ],
#[ 'UserComment', 'Comment', 'description', 1, 0, 'var' ],

#Add the following lines when only users are allowed to login if they
reside in the spicified security group
#Remove these lines if you want to provide login to all users specified in
the User Base DN
#example: $Self->{'Customer::AuthModule::LDAP::BaseDN'} = 'ou=BaseOU,
dc=example, dc=com';
$Self->{'Customer::AuthModule::LDAP::GroupDN'} =
'CN=OTRS_Users,OU=Security Groups,OU=Dublin,DC=int,DC=domain,DC=com';
$Self->{'Customer::AuthModule::LDAP::AccessAttr'} = 'member';
$Self->{'Customer::AuthModule::LDAP::UserAttr'} = 'DN'


Few important points about OTRS:
- The queue view only displays unlocked tickets by default.
- There is a line that says "Tickets shown..... All Tickets xx" The xx is a link which should display all tickets locked and unlocked which are in your "My Queues".