Install Nagios Core 4.3.2 in Debian Stretch Part 1

About Nagios

Nagios is an enterprise class, open source software that can be used for network and infrastructure monitoring. Using Nagios, we can monitor servers, switches, applications and services etc. It alerts the System Administrator when something goes wrong and also alerts back when the issues have been rectified.

Features

Using Nagios, you can:

  • Monitor your entire IT infrastructure.
  • Identify problems before they occur.
  • Know immediately when problems arise.
  • Share availability data with stakeholders.
  • Detect security breaches.
  • Plan and budget for IT upgrades.
  • Reduce downtime and business losses.

Prerequisites

Make sure your server have installed with fully working LAMP stack. If not, follow the below link to install LAMP server.

Then install the following prerequisites:

apt-get install build-essential libgd2-xpm-dev apache2-utils unzip curl
a2enmod rewrite
a2enmod cgi

Create Nagios User And Group

Create a new nagios user account:

useradd -m nagios
passwd nagios

Create a new

Continue Reading

Install Adagios from Source on Debian Jessie

Adagios is a web based Nagios configuration interface built to be simple and intuitive in design, exposing less of the clutter under the hood of nagios. Additionally adagios has a rest interface for both status and configuration data as well a feature complete status interface that can be used as an alternative to nagios web interface.

If you want to manage all your Nagios Core configuration and you don’t use WATO or Check MK, you could just use Adagios to do it.

Installing Adagios

Install Dependencies

apt-get install git libapache2-mod-wsgi python-django python-simplejson libgmp-dev python-dev python-paramiko

Install pynag

It looks like the version of pynag installed from the repos is an old version (even though pynag hasn’t been touched in a while).

I used these steps to download and install the current version of pynag:

git clone https://github.com/pynag/pynag.git
cd pynag
python setup.py build
python setup.py install

This put all the proper

Continue Reading

High Availability Storage with DRBD + Heartbeat + NFS on Debian 8

Overview

This guide will help you setup a highly available NFS server on Debian Jessie. This is a relatively battle-tested configuration, and there is plenty information out there on how it works.

This guide will give you a setup as follows:

  • One active NFS server with its own public, private and floating IP (VIP)
  • One passive hot standby NFS server with its own public and private IP
  • Automatic failover when one of the nodes becomes unresponsive or unreachable.
  • Unicast cluster syncronization (so it works on Linode and other places where multicast (like corosync) isn’t available).

Servers

While writing this guide, I used 2 KVM machine on Proxmox 4.2 (nfsnode01 and nfsnode02). Each VM configured as follows:

  • Default Debian Jessie install from a netinst iso
  • 512MB RAM
  • 1 x 20GB OS disk (all partitions – /dev/sda)
  • 1 x 20GB data disk (/dev/sdb)
  • Each node has 2x NICs (1x on network and
Continue Reading

High Availability Storage with iSCSI Target on Debian 8

Software

  • Linux-HA – Linux clustering software.
  • DRBD – Distributed Replicated Block Device. Allows you to RAID1 partitions over IP.
  • iscsitarget – Linux implementation of an iSCSI target.

 

Configuration

This guide is based on the following:

  • Two nodes (Debian 8.5 AMD64)
  • Each node has 2x NICs (1x on network and 1x for DRBD data).
  • Nodes:
    • san01 (“node1”) / 192.168.0.242 / eth0
      • DRBD sync network: node1-drbd / 10.50.40.21 / eth1
    • san02 (“node2”) / 192.168.0.243 / eth0
      • DRBD sync network: node2-drbd / 10.50.40.22 / eth1
  • Cluster IP address: 192.168.0.245

Note: Unless explicitly stated (i.e. commands prefixed with [node1] or [node2]), commands and configurations should be completed on both nodes.

LVM

We install lvm2 and create a VG.

apt-get install -y lvm2
pvcreate  /dev/sdb

Physical volume “/dev/sdb” successfully created

vgcreate drbddev01 /dev/sdb

Volume group “drbddev01” successfully created

Create DRBD meta data Logical Volume on Volume Group drbddev01:

lvcreate -L1G -ndrbd-metadata drbddev01

Logical volume

Continue Reading

Install GlusterFS Cluster on Debian 8

Introduction

GlusterFS is a scalable network filesystem. Using common off-the-shelf hardware, you can create large, distributed storage solutions for media streaming, data analysis, and other data- and bandwidth-intensive tasks. GlusterFS is free and open source software.

Preliminary Note

In this tutorial, I will use three systems, two servers and a client:

  • gfsnode01.lplinux.com.ar: IP address 192.168.1.100 (server)
  • gfsnode02.lplinux.com.ar: IP address 192.168.1.101 (server)
  • proxmox01.lplinux.com.ar: IP address 192.168.1.102 (client)

All three systems should be able to resolve the other systems’ hostnames. If this cannot be done through DNS, you should edit the /etc/hosts file so that it looks as follows on all three systems:

vim /etc/hosts
127.0.0.1 localhost
192.168.1.100 gfsnode01.lplinux.com.ar gfsnode01
192.168.1.101 gfsnode02.lplinux.com.ar gfsnode02
192.168.1.102 proxmox01.lplinux.com.ar proxmox01


# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters

(It is also possible to use IP addresses instead of hostnames in the following setup.

Continue Reading

Configure Rsyslog to send our logs to ELK

Introduction

We have seen before how to add filters and indexes for Filebeat and Topbeat. But in some cases, we won’t be able to install additional software to manage our logs. That’s when Rsyslog is our best option. In this post we will configure an external log from Apache that is not manage by default for Rsyslog.

Configuring Rsyslog (client side)

We are going to create a new file on /etc/rsyslog.d that will contain our new input log configuration.

$InputFileName /var/log/apache2/access.log #can NOT use wildcards – this is where logstash-forwarder would be nice
$InputFileTag apache-access-rs:  #Logstash throws grok errors if the “:” is anywhere besides at the end; shows up as “Program” in Logstash
$InputFileStateFile apache-access-rs  #can be anything; unique id used by rsyslog
$InputFileSeverity info
$InputFileFacility apacheaccess
$InputRunFileMonitor
$InputFilePollInterval 10
$InputFilePersistStateInterval 1000

apacheaccess.* @@ELK_server_private_IP:5544  #the 2 “@” signs tells rsyslog to use TCP; 1 “@” sign 
Continue Reading

Gather Infrastructure Metrics with Topbeat and ELK on CentOS 7

Introduction

Topbeat, which is one of the several “Beats” data shippers that helps send various types of server data to an Elasticsearch instance, allows you to gather information about the CPU, memory, and process activity on your servers. In conjunction with an ELK server (Elasticsearch, Logstash, and Kibana), the data that Topbeat gathers can be used to easily visualize metrics so that you can see the status of your servers in a centralized place.

In this tutorial, we will show you how to use an ELK stack to gather and visualize infrastructure metrics by using Topbeat on a CentOS 7 server.

 

Load Topbeat Index Template in Elasticsearch

Because we are planning on using Topbeat to ship logs to Elasticsearch, we should load the Topbeat index template. The index template will configure Elasticsearch to analyze incoming Topbeat fields in an intelligent way.

First, download the Topbeat index template on your

Continue Reading

Adding Filters to Logstash (ELK stack)

Introduction

This post has a couple of configuration I needed to a particular environment. I already have my stack working. There is a lot of other filters, patterns and configurations. I will be adding more in time.

Default PATHS

Logstash configuration directory: /etc/logstash/conf.d
Logstash patterns directory: /opt/logstash/patterns

Specific Configuration

Syslog

Prospector (client side – Filebeat)

This block must be beneath of prospectors section and maintaining the indentation.

    -
      paths:
        - /var/log/auth.log
        - /var/log/syslog
      input_type: log
      document_type: syslog

Log example

Jun  3 12:17:01 server01 /USR/SBIN/CRON[15365]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)

Patterns

There is no specific pattern you should add.

Filter

This configuration is inside 10-syslog-filter.conf

filter { 
  if [type] == "syslog" {
    grok {
      match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" }
      add_field => [ "received_at", "%{@timestamp}" ]
      add_field => [ "received_from", "%{host}" ]
    }
    syslog_pri { }
    date {
      match => [ "syslog_timestamp", 
Continue Reading

Install Elasticsearch, Logstash, and Kibana (ELK Stack) on CentOS 7

Introduction

In this tutorial, we will go over the installation of the Elasticsearch ELK Stack on CentOS 7—that is, Elasticsearch 2.3.x, Logstash 2.3.x, and Kibana 4.5.x. We will also show you how to configure it to gather and visualize the syslogs of your systems in a centralized location, using Filebeat 1.1.x.

Logstash is an open source tool for collecting, parsing, and storing logs for future use.

Kibana is a web interface that can be used to search and view the logs that Logstash has indexed. Both of these tools are based on Elasticsearch, which is used for storing logs.

Centralized logging can be very useful when attempting to identify problems with your servers or applications, as it allows you to search through all of your logs in a single place. It is also useful because it allows you to identify issues that span multiple servers by correlating their logs during

Continue Reading

Configuring Distributed Nagios with Check MK

What happen when we have several office or clients or datacenter where we need to monitor each place separately?

In those scenarios, we could reach the servers through a VPN. But sometimes (most of the time) that’s not the best way to do it or even possible. We are going to configure several Nagios servers, each one with specific servers monitored, centralizing them on one “master” Nagios. From this Master we will add new hosts and services, configure timeperiods, and everything that Nagios allows us from one single interface and one single point of access to our big (or huge) infrastructure.

Right now, I have 4 Nagios server inside the same network, but we could have them on different subnets or even through internet. We will only need access to 3 ports, so if you have a firewall between the nodes, you have to forward the traffic.

Nagios Master: 10.50.40.101
Continue Reading

Install Nagios Core 4.1.1 in Debian Jessie Part 4

We already have Nagios working and our optionals clients. Now we have to configure our clients.

Installing Check_MK Agent

Preparing centralized repository

To get all the files together and make easily to deploy new host, I created a directory on my Nagios to put all the installers.

cd /usr/src
wget https://github.com/lplinux/scripts/raw/master/mk_agents.tar.gz
tar xvzf mk_agents.tar.gz  -C /var/www/
chown -R www-data:www-data /var/www/mk_agents/

Configuring Apache

To get access to the installer from any host in the network, we have to add this block to our Apache configuration:

vim /etc/apache2/sites-available/mk_agents.conf
Alias /mk_agents "/var/www/mk_agents"

<Directory "/var/www/mk_agents">
#       Require all granted
        AllowOverride None
        Order allow,deny
        Allow from all
        #
        # Use the same value as defined in nagios.conf
        #
        AuthName "MK Agent Download Center"
        AuthType Basic
        AuthUserFile /var/www/mk_agents/htpasswd.users
        Require valid-user
        <IfModule mod_rewrite.c>
                # Turn on URL rewriting
                RewriteEngine On
                Options FollowSymLinks
                # Installation directory
                RewriteBase /mk_agents
                # Protect application and system files from being viewed
                
Continue Reading

Install Nagios Core 4.1.1 in Debian Jessie Part 3

Now that we have our Nagios working, we might need some other clients to work with. We already have Check_MK for some checks,but in this guide we are going to install a couple more clients.

SNMP MIBs

In some cases, mostly with routers, we need to use SNMP for checks and the OID are differents than Linux or Windows OS.

Installing MIBs

For licensing reasons, net-snmp package installs only a small number of MIBs in /usr/share/mibs directory. A large number of standard MIBs can be installed using snmp-mibs-downloader package:

apt-get install snmp-mibs-downloader
download-mibs

To add another MIBs than default, for example cisco MIBs:

cp /usr/share/doc/snmp-mibs-downloader/examples/cisco* /etc/snmp-mibs-downloader/
cd /etc/snmp-mibs-downloader && sudo gzip -d ciscolist.gz

Change /etc/snmp-mibs-downloader/snmp-mibs-downloader.conf

Continue Reading

Install Nagios Core 4.1.1 in Debian Jessie Part 2

We already have a Nagios Core installed. Now we want to add some very nice add ons to the platform.

Download additional software

Go to Mathias Kettner web and download the last version of Check_MK.

wget -O /usr/src/check_mk-1.2.6p16.tar.gz http://mathias-kettner.com/download/check_mk-1.2.6p16.tar.gz

We also need Nagvis and PNP4Nagios

wget -O /usr/src/nagvis-1.8.5.tar.gz http://www.nagvis.org/share/nagvis-1.8.5.tar.gz 
wget -O /usr/src/pnp4nagios-0.6.25.tar.gz  http://downloads.sourceforge.net/project/pnp4nagios/PNP-0.6/pnp4nagios-0.6.25.tar.gz?r=https%3A%2F%2Fsourceforge.net%2Fprojects%2Fpnp4nagios%2Ffiles%2FPNP-0.6%2F&ts=1460394997&use_mirror=pilotfiber

PNP4Nagios

Prerequisites

Continue Reading

Install Nagios Core 4.1.1 in Debian Jessie Part 1

About Nagios

Nagios is an enterprise class, open source software that can be used for network and infrastructure monitoring. Using Nagios, we can monitor servers, switches, applications and services etc. It alerts the System Administrator when something goes wrong and also alerts back when the issues have been rectified.

Features

Using Nagios, you can:

  • Monitor your entire IT infrastructure.
  • Identify problems before they occur.
  • Know immediately when problems arise.
  • Share availability data with stakeholders.
  • Detect security breaches.
  • Plan and budget for IT upgrades.
  • Reduce downtime and business losses.

Prerequisites

Make sure your server have installed with fully working LAMP stack. If not, follow the below link to install LAMP server.

Then install the following prerequisites:

apt-get install build-essential libgd2-xpm-dev apache2-utils unzip curl
a2enmod rewrite
a2enmod cgi

Create Nagios User And Group

Create a new nagios user account:

useradd -m nagios
passwd nagios

Create a new

Continue Reading

Install LAMP on Debian Jessie

LAMP_Linux_Apache_MySQL_PHP

LAMP is a combination of operating system and open-source software stack. The acronym LAMP came from the first letters of Linux, Apache HTTP Server, MySQL or MariaDB database, and PHP/Perl/Python. This tutorial describes how to install it on a Debian Jessie distribution, but it should work on previous version of Debian and derivatives.

1. Install Apache

Apache is an open-source multi-platform web server. It provides a full range of web server features including CGI, SSL and virtual domains.

To install Apache, enter:

apt-get install apache2

Test Apache:
Open your web browser and navigate to http://localhost/ or http://server-ip-address/.

Apache2-Ubuntu-Default-Page

2. Install MariaDB

 

Under Debian systems, it’s highly recommended to install ‘python-software-properties‘ package, before heading up for the MariaDB installation from official repositories.

apt-get install python-software-properties

Next, import and regtister the GPG key, which enables apt to verify the integrity

Continue Reading