nagios安装配置

上线的服务器有时会被人攻击,导致服务不可用,今天安装配置了nagios对上线服务器进行监控,简单记录一下

#安装必要的软件包
yum install -y gcc glibc glibc-common gd gd-devel xinetd openssl-devel
#创建nagios用户及授予目录权限
useradd -s /sbin/nologin nagios
mkdir /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios
#安装nagios
tar xf nagios-4.0.7.tar.gz
cd nagios-4.0.7
./configure --prefix=/usr/local/nagios
make all
make install && make install-init && make install-commandmode && make install-config
chkconfig --add nagios && chkconfig --level 35 nagios on && chkconfig --list nagios
#安装nagios-plugins
tar xf nagios-plugins-2.0.2.tar.gz
cd nagios-plugins-2.0.2
./configure --prefix=/usr/local/nagios
make && make install
#安装apache
tar xf httpd-2.2.23.tar.gz
cd httpd-2.2.23
./configure --prefix=/usr/local/apache2
make && make install
#安装php
tar xf php-5.5.13.tar.gz
cd php-5.5.13
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs
make && make install

接下来配置apache

#生成nagios密码文件
/usr/local/apache2/bin/htpasswd -c /usr/local/nagios/etc/htpasswd admin
vim /usr/local/apache2/conf/httpd.conf
...
User nagios
Group nagios
...
<IfModule dir_module>
    DirectoryIndex index.html index.php
</IfModule>
...
AddType application/x-httpd-php .php
...
#setting for nagios
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
<Directory "/usr/local/nagios/sbin">
     AuthType Basic
     Options ExecCGI
     AllowOverride None
     Order allow,deny
     Allow from all
     AuthName "Nagios Access"
     AuthUserFile /usr/local/nagios/etc/htpasswd             //用于此目录访问身份验证的文件
     Require valid-user
</Directory> Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
     AuthType Basic
     Options None
     AllowOverride None
     Order allow,deny
     Allow from all
     AuthName "nagios Access"
     AuthUserFile /usr/local/nagios/etc/htpasswd
     Require valid-user
</Directory>

启动apache

vim /etc/init.d/httpd
#!/bin/sh
#
# Startup script for the Apache Web Server
#
# chkconfig: 345 85 15
# description: Apache is a World Wide Web server.  It is used to serve \
#           HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache2/logs/httpd.pid
# config: /usr/local/apache2/conf/httpd.conf

# Source function library.
. /etc/rc.d/init.d/functions

# See how we were called.
case "$1" in
start)
echo -n "Starting httpd: "
daemon /usr/local/apache2/bin/httpd -DSSL
echo
touch /var/lock/subsys/httpd
;;
stop)
echo -n "Shutting down http: "
killproc httpd
echo
rm -f /var/lock/subsys/httpd
rm -f /usr/local/apache2/logs/httpd.pid
;;
status)
status httpd
;;
restart)
$0 stop
$0 start
;;
reload)
echo -n "Reloading httpd: "
killproc httpd -HUP
echo
;;
*)
echo "Usage: $0 {start|stop|restart|reload|status}"
exit 1
esac

exit 0

chmod +x /etc/init.d/httpd
chkconfig httpd on
/etc/init.d/httpd start

接下来配置nagios

#确保admin用户登录后有权限查看信息
vim /usr/local/nagios/etc/cgi.cfg
...
default_user_name=admin
authorized_for_system_information=nagiosadmin,admin
authorized_for_configuration_information=nagiosadmin,admin
authorized_for_system_commands=admin
authorized_for_all_services=nagiosadmin,admin
authorized_for_all_hosts=nagiosadmin,admin
authorized_for_all_service_commands=nagiosadmin,admin
authorized_for_all_host_commands=nagiosadmin,admin
...

#修改nagios主配置文件,将主机的定义都放在/usr/local/nagios/etc/hosts目录中
mkdir /usr/local/nagios/etc/hosts
vim /usr/local/nagios/etc/nagios.cfg
...
cfg_dir=/usr/local/nagios/etc/hosts
...

#添加一个自定义命令
vim /usr/local/nagios/etc/objects/command.cfg

...
# 'check_custom_http' command definition
define command{
        command_name    check_custom_http
        command_line    $USER1$/check_http -4 -N -H $ARG1$ -u $ARG2$
        }

# 'check_dns' command definition
define command{
        command_name    check_dns
        command_line    $USER1$/check_dns -v -H $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$
        }
...

#定义主机组
vim /usr/local/nagios/etc/hosts/group.cfg

define hostgroup{
        hostgroup_name    groupname1
        alias               groupname1
        members             server1 #server1必须在/etc/hosts里有对应的映射
}

#定义主机server1
vim /usr/local/nagios/etc/hosts/server1.cfg

define host{
        use                     linux-server
        host_name               server1
        alias                   server1
        address                 xx.xx.xx.xx
        notification_period     24x7
}
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60% ; 延时100ms丢包率大于20%时,则发出警告通知; 延时500ms丢包率大于60%时,则发出严重错误通知
}
;需要做好本机使用的DNS设置,在/etc/resolv.conf文件中定义
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             DNS
        check_command                   check_dns!xxx.test.com!xx.xx.xx.xx!4!10 ;连续解析域名发生4次错误,则发出警告通知;连续解析域名发生10次错误,则发出严重错误通知;
}
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             HTTP
        check_command                   check_custom_http!xxx.abc.com!/somepath/path1  ;注意这里的参数要以!分隔
}
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             SSH
        check_command                   check_ssh
}

#配置监控出现问题时要通知的联系人
vim /usr/local/nagios/etc/objects/contacts.cfg

define contact{
        contact_name                    user1                ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           user1                ; Full name of user

        email                           user1@abc.com  ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
        }

define contact{
        contact_name                    user2                ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           user2                ; Full name of user

        email                           user2@abc.com  ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
        }

 define contactgroup{
        contactgroup_name       admins
        alias                   Nagios Administrators
        members                 user1,user2
        }

重启nagios

1

/etc/init.d/nagios restart

刚才发现nagios监控到服务器异常也没有发邮件通知,查了一下,还需要配置mail命令可发送邮件

yum install mail
vim /etc/mail.rc
...
set from=abc-noreply@abc.com
set smtp=smtp.abc.com
set smtp-auth-user=abc-noreply@abc.com
set smtp-auth-password=somepwd
set smtp-auth=login
...

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

发表于

我来说两句

0 条评论
登录 后参与评论

相关文章

来自专栏bboysoul

信息收集工具(Th3inspector Tool)安装使用体验

https://github.com/Moham3dRiahi/Th3inspector

14130
来自专栏大内老A

[原创]谈谈基于Kerberos的Windows Network Authentication - Part II

四、引入Ticket Granting  Service 通过上面的介绍,我们发现Kerberos实际上一个基于Ticket的认证方式。Client想要获取Se...

22490
来自专栏Adamshuang 技术文章

Zookeeper 通知更新可靠吗? 解读源码找答案!

遇到Keepper通知更新无法收到的问题,思考节点变更通知的可靠性,通过阅读源码解析了解到zk Watch的注册以及触发的机制,本地调试运行模拟zk更新的不可靠...

1.2K80
来自专栏IT笔记

前后端分离之SpringBoot项目Token认证

写在开始 有人说,爱上一座城,是因为城中住着某个喜欢的人。其实不然,爱上一座城,也许是为城里的一道生动风景,为一段青梅往事,为一座熟悉老宅。或许,仅仅为的只是这...

49390
来自专栏杨建荣的学习笔记

曲折的10g,11g中EM的安装配置过程(r4笔记第98天)

今天在本地搭了一套oracle环境,首先安装数据库的时候顺带了EM,结果安装好之后想修改监听器的端口,把原本15521的端口换成别的,结果在目录中修改了几个参数...

29230
来自专栏以南小隐-数通那些事儿

EVE-NG-PRO导入IOL镜像《EVE-NG系列教程三》

6.6K20
来自专栏杨建荣的学习笔记

查看并行进程的一些简单信息(r3笔记第17天)

在使用并行的时候,总能看到进程中出现一些ora_p这样的进程。有时候查看问题的时候只看到并行进程在运行,却没有思路去查找倒底是哪些session在干些什么,下面...

31160
来自专栏上善若水

005工具及环境之nmap一览

Nmap (“Network Mapper(网络映射器)”) 是一款开放源代码的 网络探测和安全审核的工具。它的设计目标是快速地扫描大型网络,当然用它扫描单个 ...

13830
来自专栏木宛城主

SharePoint 2013 Farm 安装指南——Least Privilege

写过很多关于SharePoint 2013 安装,这是第四篇。可能你会觉得为什么如此简单的安装至于花那么多精力去折腾吗。我的答案是肯定的。知识的积累不是一蹴而...

21950
来自专栏一个默默无闻的工程师的日常

openstack ocata部署ceilometer+gnocchi

57240

扫码关注云+社区

领取腾讯云代金券