nagios ＆＆ nagios-plugin 安装

--------------1.install the packages for support nagios----------------------------------

#yum insatll httpd php

#touch /var/www/html/index.php && echo '<?php phpinfo(); ?>' > /var/www/html/index.php && elinks 

http://localip/index.php \\don't forget added the index.php type!

#yum install zlib gd libpng libjpeg

--------------2.download nagios and plugins from http://www.nagios.org/download/----------

#nagios && nagios-plugins && nrpe

--------------3.install nagios and plugins----------------------------------------

#groupadd nagcmd

#useradd -G nagcmd -d /usr/local/nagios -s /sbin/nologin nagios

#usermod -G nagcmd apache

#tar xvf nagios-version.tar.bz2

#cd nagios-version

#./configure --prefix=/usr/local/nagios --with-nagios-user=nagios --with-group-group=nagios --with-command-group=nagcmd

#make all

#make install

#make install-init

#make install-commandmod

#make install-config

#make install-webconf \\nagios.conf in /etc/httpd/conf.d/

#edit cgi.cfg >> use_authentication=0

#tar xvf nagios-plugins-version.tar.bz2

#cd nagios-plugins-version

#./configure --with-nagios-user=nagios --with-nagios-group=nagios --prefix=/usr/local/nagios --with-mysql=/usr/mysql

#make && make install

#chwon -R nagios.nagios /usr/local/nagios

#vi /usr/local/nagios/etc/onjects/contacts.cfg \\change the email add to yours!

#/usr/local/nagios/bin/nagios -v /usr/lcoal/nagios/etc/nagios.cfg  \\just a test!

htpasswd –c /usr/local/nagios/etc/.htpasswd nagios

-------------4.install nrpe-------------------------------------------------------

##server

#tar xvf nrpe-version.tar.bz2

#cd nrpe-version

#./configure --prefix=/usr/local/nagios

#make all

#make install-plugin

#make install-daemon

#make install-daemon-config

#vi nrpe.cfg >> allowed_host=CLIENT_ADD && vi hosts.allow>>nrpe:cliendadd

#/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

#echo '/usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d' >> /etc/rc.local

{options:-d daemon && -i service && -n without ssl}

#ps -aux|grep nrpe |awk '{print $2}' |xargs kill -9 {}\; && /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d \\reset the nrpe service

##client

#./configure --prefix=/usr/local/nagios

#make all

#make install-plugin \\it is ok for nrpe client now!

#/usr/local/nagios/libexec/check_nrpe -H SERVER_ADD

{options:-n without ssl}

\\make sure the firewall and selinux allow the 5666 port!!!

-------------5.edit commands-------------------------------------------------------

#vi commands.cfg \\define the check_nrpe command

-------------------------------------------------------------------------------

# ‘check_nrep’ command definition

define command{

command_name check_nrpe

command_line /usr/local/nagios/libexec/check_nrpe -H $HOSTADDRESS$ -c $ARG1$

}

-------------------------------------------------------------------------------

##\\here is the example!

#check_command      check_nrpe!check_disk!20%!10%

#../libexec/check_by_ssh -H 192.168.1.108 -C “/app/nagios/libexec/check_disk -

w 10% -c 5% -p /”

#\\options: -u username

-------------6.set selinux to Permisssive------------------------------------------

#setenforce 0

-------------7.start the service--------------------------------------------------

#chkconfig --add nagios && chkconfig nagios on

#service httpd start

#service nagios start

#elinks http://localip/nagios/

----------------------------SECURITY----------------------------------------------

1.edit the apache Directory

<Directory>

Options：ExecCGI

AllowOverride：None

Order allow：deny

Allow from：192.168.4.  \\don't allow from all!

AuthName："Nagios Access"

AuthType：Digest \\ Basic:clear text | Digest use MD5

AuthDigestFile：/usr/local/nagios/etc/htpasswd.users

Require：valid-user

</Directory>

#htdigest -c /usr/local/nagios/etc/htpasswd.users realm username

#echo 'nrpe:192.168.0.108' >> /etc/hosts.allow

####part of /nagios/etc/nrpe.cfg

#nrpe_user=nagios

#nrpe_group=nagios \\never use root

#dont_blame_nrpe=0 \\deny command arguments

2.enable ssl

---create keys--

# openssl genrsa -des3 -out server.3des-key 1024

# openssl rsa -in server.3des-key -out server.key

# openssl req -new -key server.key -x509 -out server.crt -days 365

# chmod 600 server.key

# rm server.3des-key

# mv server.crt /etc/ssl/

# mv server.key /etc/ssl/private/

###edit Directory###

<Directory>

Options：ExecCGI

SSLRequireSSL          \\enable ssl

AllowOverride：None

Order allow：deny

Allow from：192.168.4.  \\don't allow from all!

AuthName："Nagios Access"

AuthType：Digest \\ Basic:clear text | Digest use MD5

AuthDigestFile：/usr/local/nagios/etc/htpasswd.users

Require：valid-user

</Directory>

3.update nagios!!!