The case for device monitoring

Having a tool in place that monitors systems and resources is an important part of an IT department.
No IT worker can be on duty 24x7. Everyone has more productive things to do with their time than to make sure a server is up or a service is functioning properly. Can help notify you of minor problems before they become big problems.
Example: EZProxy loosing HTTP service

What is it?
Nagios is software that will watch your servers, switches, routers, appliances, databases, the list is endless, and notify you when things change from normal operating parameters.
It runs on a variety of linux distributions. It is open source and free to download but also has paid support for those who need it. It is flexible and can be configured in a variety of ways to fit any organization.

Ugly but has brains

Nagios is a simple product at its core. It does not have pretty graphics nor is it flashy. It does one thing, monitor your stuff and it does it very well.
It can be configured for something as small as a home network up to an enterprise deployment with thousands of nodes. If flashy is important to you or people you report to, there are add-ons such as NagVis that will make Nagios much more graphical and pretty.

What are the system requirements?

Your preferred distro of linux.
256MB of RAM 10GB hard drive

10MB NIC
SSH access to the server I currently monitor hundreds of services and over a hundred nodes using a machine similar to these specifications and have no performance issues.

Who uses it?

Redhat has an IT footprint of:
65+ offices 80+ labs 2 DCs, in 29 countries 1,500+ managed servers 300+ TB of managed storage 500+ core network devices 15,000+ network endpoints 12 call centers

They use Nagios as their monitoring solution.

Other companies using it?

Understanding how it works

Nagios has several parts and understanding how they all work together is important for creating a successful deployment.
The parts are:
Core Configuration files Plugins Web interface

Core
The core is the heart of the program. It is what does the monitoring, alerting, scheduling, communications.
For windows users, you can think of this as the .exe file. It is installed as a service and for the most part, after a successful installation you wont deal with the core directly again.

Configuration Files
A Nagios install lives and dies by the configuration files.
Everything is done via these files from setting up schedules, contacts, things to monitor, services to check.

They are plain text files but do not let that fool you, they are very powerful and allow you to make Nagios do anything you want.

Plugins
Plugins are what allows Nagios to watch your devices and services.
The Nagios core is not capable of monitoring anything directly, it is all done via plugins.

The standard set of plugins is robust and encompasses a variety of operating systems, services and hardware.
There is a community of developers that create additional plugins for more obscure or for specific needs that are not met by the standard set.

Web Interface
The web interface is the only visual part of Nagios that you can see.
It aims for function over flashy. It has basic control components built into it but it primarily is meant to give a visual monitoring overview of your devices. No configuration is done via the web interface.

How the parts fit together?

Core Config Files

Web Interface

Plugins

Nagios deployment, where to start?

If you leave with only one piece of advice from this presentation, it should be this:

START SMALL
KEEP IT SIMPLE

Start Small and Keep It Simple!

Start small I suspect some of you have visions of having a HAL inspired computer that takes over all aspects of monitoring for you. You can achieve this level of automation but you need to walk before you can run. Get a basic Nagios deployment up and running and gradually increase the number of things you monitor.

Start Small and Keep It Simple!

Keep it Simple Start with PING. I know it is kind of boring but it is very useful for monitoring your network. Add additional services one at a time and gradually attach those services to devices for monitoring. Your Nagios deployment will naturally grow in complexity and usefulness over time.

PING Simple but effective

The simplest monitoring tool available to most administrators is PING.
Nagios can easily be setup to PING devices at a regular interval and notify when a device fails to respond to a PING and re-notify when a device later starts to respond again to PING. For many deployments, this is an adequate amount of monitoring and no further configuration needs to be done.

Hooking Nagios into windows, linux and network hardware

For those who want to move beyond ping there are additional ways to retrieve information from devices.
NSClient++
for monitoring windows based systems

NRPE
Nagios Remote Plugin Executor, for monitoring linux and other *UX* based systems

SNMP
simple network management protocol, for monitoring hardware that supports this standard

Important Commands
Start, Stop, Restart Nagios:
sudo /etc/init.d/nagios3 start sudo /etc/init.d/nagios3 stop sudo /etc/init.d/nagios3 restart
(this is the one you will use the most)

Verify Nagios Configuration Files

sudo /usr/sbin/nagios3 -v /etc/nagios3/nagios.cfg

Important directory locations

/etc/nagios3
Contains all the primary config files
(youll be in this directory often)

etc/nagios-plugins
Contains config files for the plugins

/usr/lib/nagios/plugins/
Contains the binary files of the plugins

/usr/share/nagios3/htdocs/media/
Fun stuff, custom sounds

/usr/share/nagios/htdocs/images/logos/base
Fun stuff, Icons for your hosts

/etc/nagios
Contains the NRPE files for the remote linux host

NSClient++
NSClient is a very small plugin that is installed on a windows computer that will allow you to monitor a variety of things including but not limited to:
Memory Total and available RAM CPU Load average Disk Total and available hard drive space Service Confirm a specific service is running UpTime Operating system uptime EventLog Scan the event log for errors

http://nsclient.org/nscp/

NRPE
NRPE is Nagios Remote Plugin Executor
Allows Nagios Core to execute plugins remotely on a system Essentially allows you to install any Nagios plug in, be it part of the standard set or an extra one on a remote linux server and feed the results of that back to your Nagios server. Packages exist for a variety of linux flavors so you do not need to be running the same version of linux on the remote system as your Nagios deployment is installed on.

SNMP
Simple Network Management Protocol
SNMP is part of the standard set of Nagios plugins You need to obtain the MIBs for the device you are wanting to monitor and copy them to your Nagios server. The MIBs typically are obtained via the manufacture or via 3rd party websites. We could spend days on SNMP alone so we will get you started but since every device is unique in how their MIBs are designed you will need to do some trial and error to get it working properly. If you follow the steps to install used in this presentation, the location you should copy the MIBs to is:
/usr/share/snmp/mibs/

Understanding the config files

Everything is done via the configuration files The names of the configuration files are meaningless. Nagios parses all config files when it starts so you could add a new host in the commands.cfg file and it would treat those few lines as if they were in the hosts.cfg file. It is feasible that you could condense all config files down into one long one if you so chose.

Important config files for Nagios core

commands.cfg
Commands are located here Default directory: /etc/Nagios3/ This location is specified in Nagios.cfg

Nagios.cfg
Primary configuration file for Nagios core Default directory: /etc/Nagios3/

resource.cfg
Contains variable names for $USER1$, $USER2$ Default directory: /etc/Nagios3/ This location is specified in Nagios.cfg

Configuration files that relate to hosts, devices, services etc.

Default directory: /etc/Nagios3/conf.d/ This location is specified in Nagios.cfg

Config File Flow Chart

Show Picture Nagios-config.png

NRPE Show and Tell

sudo /usr/lib/Nagios/plugins/check_nrpe -H 192.168.166.130 -c check_load

You must edit the nrpe.cfg file on the target machine to include the Nagios server IP
You can customize the example commands in this file to tweak it to your needs.

NSClient++ Show and Tell

sudo /usr/lib/Nagios/plugins/check_nt -H 192.168.166.129 -p 12489 -v UPTIME

You must have installed the NSClient service on the target machine for this to work. It is case sensitive! v uptime will not work but v UPTIME will.
You will need to create custom commands to monitor partitions C:, D:, G: etc.

Useful Websites
Nagios:
http://www.Nagios.org/

Nagios Plugins:
http://Nagiosplugins.org/

NSClient++
http://nsclient.org/nscp/

NRPE
http://www.Nagios.org/download/addons

SNMP
http://www.net-snmp.org/

General help for Nagios deployed using Ubuntu

https://help.ubuntu.com/community/Nagios https://help.ubuntu.com/9.10/serverguide/C/Nagios.html http://Nagios.sourceforge.net/docs/3_0/quickstart-ubuntu.html

Disclaimers
All company and product names used in this presentation are trademarked by their respective owners.
This presentation and videos are licensed under Creative Commons:
Creative Commons Attribution-NonCommercial-ShareAlike 3.0