search for: check_nrpe

On Sun, May 03, 2015 at 08:25:45PM -0400, Tim Dunphy wrote: > Rather than a yum install. If I install the nrpe package from yum I don't > find a check_nrpe script on the system for some reason! That's because the 'check_nrpe' command isn't in the nrpe package. It's in the nagios-plugins-nrpe package. The executable is installed, along side all other nagios check commands, as /usr/lib64/nagios/plugins/check_nrpe. -- Jonathan Bi...

Hi Eric, Thanks for your reply. I do have nrpe running under xinetd on the host I'm trying to monitor. And running the nrpe checl locally: [root at ops:~] #/usr/local/nagios/libexec/check_nrpe -H localhost NRPE v2.15 [root at ops:~] #grep only_from /etc/xinetd.d/nrpe only_from = 127.0.0.1 216.120.248.126 And I do have port 5666 open on the security group for this host. And I made sure the local firewall was stopped, because I am blocking ports with the security groups in...

Tim, where did you installed this nrpe package? is selinux running enforcing mode (getenforce command), try disabling with setenforce 0. why you are running it under xinetd as usual way is to run it as nrped daemon. test against with check_nrpe, not using telnet. -- Eero 2015-05-04 2:27 GMT+03:00 Stephen Harris <lists at spuddy.org>: > On Sun, May 03, 2015 at 07:23:19PM -0400, Tim Dunphy wrote: > > [root at puppet:~] #telnet localhost 5666 > > This is using TCP > > > [root at monitor1:~] #nmap -p 5666 pupp...

...-name "*nrpr" 2> /dev/null > > [root at monitor1:~] # > > > > And that's on either system. > > > > And if I do an ldd on both, this is what I can tell: > > > > Server: > > > > [root at monitor1:~] #ldd /usr/local/nagios/libexec/check_nrpe > > linux-vdso.so.1 => (0x00007fffd895d000) > > * libssl.so.10 => /lib64/libssl.so.10 (0x00007fc61722a000)* > > * libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007fc616e43000)* > > libnsl.so.1 => /lib64/libnsl.so.1 (0x00007fc616c29...

...tions (-l for more info) > SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required > TCP Wrappers Available > > And if I go back to the monitoring host and try to run nrpe with the -n > flag, this is what I get: > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -n -H > ops.jokefire.com > *CHECK_NRPE: Error receiving data from daemon.* > > And still getting the SSL error without the -n flag: > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H > ops.jokefire.com > *CHECK_NRPE: Error - Could not complete SSL handshake.*...

...d for libssl. I don't seem to have that command. [root at monitor1:~] #find / -name "*nrpr" 2> /dev/null [root at monitor1:~] # And that's on either system. And if I do an ldd on both, this is what I can tell: Server: [root at monitor1:~] #ldd /usr/local/nagios/libexec/check_nrpe linux-vdso.so.1 => (0x00007fffd895d000) * libssl.so.10 => /lib64/libssl.so.10 (0x00007fc61722a000)* * libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007fc616e43000)* libnsl.so.1 => /lib64/libnsl.so.1 (0x00007fc616c29000) libc.so.6 => /lib64/libc...

Hello, I am trying to monitor a host in the Amazon EC2 cloud. Yet when I try to check NRPE from the monitoring host I am getting an SSL handshake error: [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com CHECK_NRPE: Error - Could not complete SSL handshake. And if I telnet into the host on port 5666 to see if the FW port is open, the connection closes right away: [root at monitor1:~] #telnet ops.somewhere.com 5666 Trying 54.225.218.125... Connected to ops.somewhere.com. Escape...

...6-2013 License: GPL v2 with exemptions (-l for more info) SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required TCP Wrappers Available And if I go back to the monitoring host and try to run nrpe with the -n flag, this is what I get: [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -n -H ops.jokefire.com *CHECK_NRPE: Error receiving data from daemon.* And still getting the SSL error without the -n flag: [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com *CHECK_NRPE: Error - Could not complete SSL handshake.* Running nmap from the monitor host I...

...SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required > > TCP Wrappers Available > > > > And if I go back to the monitoring host and try to run nrpe with the -n > > flag, this is what I get: > > > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -n -H > > ops.jokefire.com > > *CHECK_NRPE: Error receiving data from daemon.* > > > > And still getting the SSL error without the -n flag: > > > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H > > ops.jokefire.com > > *CHECK_NRPE: Err...

...s usual way is to run it as nrped daemon. > For NRPE I usually do a source install with these flags: ./configure make all make install-plugin make install-daemon make install-daemon-config make install-xinetd Rather than a yum install. If I install the nrpe package from yum I don't find a check_nrpe script on the system for some reason! I demonstrate this on another system than the ones I've been working with in this thread: [root at monitor1:~] #rpm -qa | grep nrpe | grep -v mcollective nrpe-2.15-2.el7.x86_64 [root at monitor1:~] #find / -name "check_nrpe" [root at monitor1:~...

...of note? I'm leaving iptables off in this host. Because it's an AWS EC2 host I'm managing the firewall ports using the AWS security groups. [root at ops:~] #service iptables status Firewall is stopped. But still, there's this... [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com CHECK_NRPE: Error - Could not complete SSL handshake. Sadly.... :( Thanks for your input tho! On Fri, May 1, 2015 at 3:18 PM, Brian Miller <centos at fullnote.com> wrote: > On Fri, 2015-05-01 at 01:32 -0400, Tim Dunphy wrote: > > And I made sure the local fire...

...> > > [root at monitor1:~] #find / -name "*nrpr" 2> /dev/null > [root at monitor1:~] # > > And that's on either system. > > And if I do an ldd on both, this is what I can tell: > > Server: > > [root at monitor1:~] #ldd /usr/local/nagios/libexec/check_nrpe > linux-vdso.so.1 => (0x00007fffd895d000) > * libssl.so.10 => /lib64/libssl.so.10 (0x00007fc61722a000)* > * libcrypto.so.10 => /lib64/libcrypto.so.10 (0x00007fc616e43000)* > libnsl.so.1 => /lib64/libnsl.so.1 (0x00007fc616c29000) > li...

> > It's listening on both IPv6 and IPv4. Specifically, why is that a problem? The central problem seems to be that the monitoring host can't hit nrpe on port 5666 UDP. [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H puppet.mydomain.com CHECK_NRPE: Socket timeout after 10 seconds. It is listening on the puppet host on port 5666 [root at puppet:~] #lsof -i :5666 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME xinetd 2915 root 5u IPv6 24493 0t0 TCP *:nrpe (LISTEN) And the firewall is all...

...07:32 schrieb "Tim Dunphy" <bluethundr at gmail.com>: > Hi Eric, > > Thanks for your reply. I do have nrpe running under xinetd on the host I'm > trying to monitor. > > And running the nrpe checl locally: > > [root at ops:~] #/usr/local/nagios/libexec/check_nrpe -H localhost > NRPE v2.15 > > [root at ops:~] #grep only_from /etc/xinetd.d/nrpe > only_from = 127.0.0.1 216.120.248.126 > > And I do have port 5666 open on the security group for this host. > > And I made sure the local firewall was stopped, because I am block...

When executing the following command : [root at nagios ~]# /usr/local/nagios/libexec/check_nrpe -H ip_address -c check_asterisk_peers I get the following output : NRPE: Unable to read output Somewhere Nagios does not have enough rights to question Asterisk about the sip peers. These are the rights of the check_nrpe on the Nagios Server : [root at nagios ~]# ls -l /usr/local/nagios/libexe...

...[root at puppet:~] #telnet localhost 5666 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. I notice if I stop the firewall on the puppet host (for no more than 2 seconds) and hit NRPE from the monitoring host it works: [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H puppet.mydomain.com NRPE v2.15 But as soon as the firewall has been enabled on the puppet host (a microsecond later) I get this result: [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H puppet.mydomain.com connect to address 216.120.xxx.xxx port 5666: No route to host connect to ho...

..._config of the remote host is found below[3]. The nagtest user on the remote host has: - this /etc/passwd entry: nagtest:x:54115:100::/home/nagtest:/bin/bash - a .bashrc and .profile in his homedir 1) NRPE (with it's fake-SSL mode) alone, no SSH or so at all: # time /usr/lib/nagios/plugins/check_nrpe -H host.example.org -c check_load OK - load average: 0.00, 0.02, 0.00|load1=0.000;15.000;30.000;0; load5=0.020;10.000;25.000;0; load15=0.000;5.000;20.000;0; real 0m0.047s user 0m0.000s sys 0m0.004s # time /usr/lib/nagios/plugins/check_nrpe -H host.example.org -c check_load OK - load average:...

..."Tim Dunphy" <bluethundr at gmail.com>: > Hello, > > I am trying to monitor a host in the Amazon EC2 cloud. > > Yet when I try to check NRPE from the monitoring host I am getting an SSL > handshake error: > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H > ops.jokefire.com > CHECK_NRPE: Error - Could not complete SSL handshake. > > And if I telnet into the host on port 5666 to see if the FW port is open, > the connection closes right away: > > [root at monitor1:~] #telnet ops.somewhere.com 5666 > Trying 54.225.218.125......

...f in this host. Because it's an AWS EC2 host I'm > managing the firewall ports using the AWS security groups. > > [root at ops:~] #service iptables status > Firewall is stopped. > > But still, there's this... > > [root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com > CHECK_NRPE: Error - Could not complete SSL handshake. > > Sadly.... :( > > Thanks for your input tho! Does 'ldd /usr/local/nagios/bin/nrpe' show any missing libs?

...'t nrpe have a log file? Maybe even > secure. Hmmm I don't find any log specific to nrpe. In other words I don't see /var/log/nrpe.log or whatever. :) And when I tail -f /var/log/secure or /var/log/messages I don't see any entries turning up in them when I hit the client with check_nrpe. I was checking the logs on the client itself. > > >> Also nrpe needs to be told from where connections are allowed whether > >> running under an inetd or self-daemonized. > > > >Yep! I've set the only_from to have only the loopback address and the IP > &gt...