Monday, January 16, 2006

Step 7 - Configure NRPE daemon on the remote hosts

For Monitoring Remote Hosts

NRPE - Nagios Remote Plugin Executor
Daemon and plugin for executing plugins on remote hosts

Nrpe is needed only to execute internal commands in remote host
like check_disk,
check_procs etc ..., and not for any external commands
like check_smtp,
check_pop which is used to see if a smtp, pop or a imap service is running.

This allows commands to be executed on remote hosts

check_nrpe - Runs on Nagios hosts this Plugin is used to send execution requests to the nrpe agent on the remote host.

nrpe - Agent that runs on the remote host and processes plugin execution requests

nrpe.cfg - Configuration file for the remote host agent

The check_nrpe plugin runs on the Nagios host and is used to send plugin execution requests to the nrpe agent on the remote host.

The nrpe agent will then run an appropriate plugins on the remote host and return the plugin output and return code to the check_nrpe plugin on the Nagios host.

The check_nrpe plugin then passes the remote plugin's output and return code back to Nagios as if it were its own. This allows for a rather transparent method of executing plugins on remote hosts. The nrpe agent can either be run as a standalone daemon or as a service under inetd.

Two Things you need to do for Configuring NRPE :

** The System where you Installed Nagios **

- Copy the check_nrpe client to the directory that
contains your Nagios plugins.
- Create a command definition in your Nagios config
file for the NRPE client. See the README file for
more info on doing this.

** The remote Sytem where you want to check for Services running **

- Copy the nrpe daemon to /usr/sbin, /usr/local/nagios
or wherever you feel it fits best.
- Copy the sample nrpe.cfg config file to /etc,
/usr/local/nagios or wherever you feel it fits best.
- Modify the /etc/services file and configure NRPE to
run under inetd, xinetd, or as a standalone daemon.
See the README file for more info on doing this.

Notes :

When running in daemon mode, the nrpe agent authenticates plugin execution requests by doing a rudimentary comparison of the IP address of the calling host against a list of allowed IP addresses in the configuration file.

When running under inetd, TCP wrappers can be employed to restrict access to the nrpe agent

There are a variety of ways you can monitor "local" or "private" services which are not normally exposed publicly. Some addons and tools you can use to accomplish this are listed below. Note that these generally apply only to services running on *NIX boxes

Use the check_by_ssh "plugin" to execute a plugin on a remote host. The check_by_ssh plugin is basically a wrapper for executing a plugin on a remote host using SSH. You must have SSH installed and configured properly in order to use this. In addition, any plugin you want to execute on the remote host must be installed on the remote host beforehand.

Use the nrpep or nagios_statd addons. These addons work in a similiar manner to the nrpe daemon. They are available for download from

If you are running SNMP services on the remote host, you could use the check_snmp plugin to check the value of various OIDs that you're interested in.

No comments: