{"id":2473,"date":"2019-03-30T16:47:24","date_gmt":"2019-03-30T13:47:24","guid":{"rendered":"http:\/\/kifarunix.com\/?p=2473"},"modified":"2024-03-11T22:25:49","modified_gmt":"2024-03-11T19:25:49","slug":"monitor-linux-hosts-using-nagios-check_by_ssh-plugin","status":"publish","type":"post","link":"https:\/\/kifarunix.com\/monitor-linux-hosts-using-nagios-check_by_ssh-plugin\/","title":{"rendered":"Monitor Linux Hosts using Nagios check_by_ssh Plugin"},"content":{"rendered":"\n<p>Welcome to our tutorial on how to monitor Linux Hosts using Nagios <a rel=\"noopener noreferrer\" href=\"https:\/\/www.monitoring-plugins.org\/doc\/man\/check_by_ssh.html\" target=\"_blank\">check_by_ssh<\/a> plugin. This enables Nagios Server to monitor system metrics and services on remote Linux server using SSH. <\/p>\n\n\n\n<p>We have covered various guides on Nagios Monitoring in our previous articles;<\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM<\/a><\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">How to Install Nagios Plugins and NRPE agents on CentOS 7\/RHEL 7\/Fedora 29<\/a><\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">Configure Nagios Availability Monitoring on AlienVault USM\/OSSIM<\/a><\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">How to Install Nagios Plugins From Source RHEL\/CentOS\/Oracle Linux<\/a><\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">How to Install Nagios NRPE Agent on RHEL\/CentOS\/Oracle Linux<\/a><\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">How to Install and Configure NSClient++ Nagios Agent on Windows System<\/a><\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">How to Install and Configure Nagios Core From the Source Ubuntu 18.04<\/a><\/p>\n\n\n\n<p><a title=\"Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM\" rel=\"bookmark noopener noreferrer\" href=\"https:\/\/kifarunix.com\/nagios-snmp-monitoring-of-linux-hosts-on-alienvault-usm-ossim\/\" target=\"_blank\" class=\"rank-math-link\">How to Install and Configure Nagios Core From repo Ubuntu 18.04<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Monitoring Linux Hosts using Nagios check_by_ssh Plugin<\/h2>\n\n\n\n<p>In order to monitor Linux hosts using the Nagios <code>check_by_ssh<\/code> plugin, there are a few prerequisites that must be met.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Create a Nagios user for monitoring on the host to be monitored.<\/li>\n\n\n\n<li>Configure passwordless SSH authentication as nagios user on host to monitor.<\/li>\n\n\n\n<li>Install Nagios plugins on the host to monitor.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Creating a Nagios user<\/h3>\n\n\n\n<p>Login to the host to monitor and create a user called nagios and set the login password.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>useradd -m nagios<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>passwd nagios<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ILfuVd\">SSH Public-key Authentication<\/span><\/h3>\n\n\n\n<p>In order to read the remote system metrics or run monitoring scripts, the Monitoring server has to login to the target host using <code>nagios<\/code> user created above. Hence, you need to configure passwordless authentication via the use of SSH keys. Want to read more about SSH configuration? Check our articles by following the links below;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/kifarunix.com\/allow-deny-specific-users-to-login-via-ssh-on-ubuntu-18-04\/\" target=\"_blank\" rel=\"noopener noreferrer\">Allow\/Deny Specific Users to Login via SSH on Ubuntu 18.04<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/kifarunix.com\/configure-ssh-public-key-authentication-in-linux\/\" target=\"_blank\" rel=\"noopener noreferrer\">Configure SSH Public Key Authentication in Linux<\/a><\/li>\n<\/ul>\n\n\n\n<h4 class=\"wp-block-heading\">Generate SSH Keys<\/h4>\n\n\n\n<p>Run the command below to generate SSH keys on the monitoring server, <a href=\"https:\/\/kifarunix.com\/how-to-install-and-configure-alienvault-ossim-5-5-on-virtualbox\/\" target=\"_blank\" rel=\"noopener noreferrer\">AlienVault OSSIM<\/a> in my case. When prompted to enter the password, press enter to leave the password blank.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>ssh-keygen<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>Generating public\/private rsa key pair.\nEnter file in which to save the key (\/root\/.ssh\/id_rsa): \/root\/.ssh\/nagios\nEnter passphrase (empty for no passphrase): \nEnter same passphrase again: \nYour identification has been saved in \/root\/.ssh\/nagios.\nYour public key has been saved in \/root\/.ssh\/nagios.pub.\nThe key fingerprint is:\nb3:7d:b2:26:8b:1e:84:c1:20:a8:53:1b:ab:32:20:ce root@alienvault\nThe key's randomart image is:\n+---[RSA 2048]----+\n|o .              |\n|..oo             |\n|.. +o            |\n|= o  o           |\n|=o  . . S        |\n|+E   .   +       |\n|..    . . o .    |\n|       o. .+     |\n|     .o .+.      |\n+-----------------+<\/code><\/pre>\n\n\n\n<p>Note that I saved my SSH keys for connecting to nagios under the <code>\/root\/.ssh\/nagios<\/code> file instead of the default, <code>\/root\/.ssh\/id_rsa<\/code>. As a result, you need to tell SSH where to find the identity key file for the nagios user on the target host. This can be done by creating the identity configuration file under the <code>\/etc\/ssh\/ssh_config<\/code> or <code>.ssh\/config<\/code> in the user&#8217;s home directory. In this case, we are going to use the later where our user is root.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>vim \/root\/.ssh\/config<\/code><\/pre>\n\n\n\n<p>Add the lines below;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>Host    192.168.43.176                   # Ip address of the remote host\n        IdentityFile    \/root\/.ssh\/nagios  # SSH key file<\/code><\/pre>\n\n\n\n<p>Copy the SSH public key to nagios user on the target host<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>ssh-copy-id -i \/root\/.ssh\/nagios nagios@192.168.43.176<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>\/usr\/bin\/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed\n\/usr\/bin\/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys\nnagios@192.168.43.176's password: <strong>Nagios User Password on Remote Host<\/strong>\n\nNumber of key(s) added: 1\n\nNow try logging into the machine, with:   \"ssh 'nagios@192.168.43.176'\"\nand check to make sure that only the key(s) you wanted were added.<\/code><\/pre>\n\n\n\n<p>To verify that you cannot be prompted for password when logging in as nagios, try to log in.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>ssh 'nagios@192.168.43.176'<\/code><\/pre>\n\n\n\n<p>You can also disable agent forwarding, port forwarding or tty allocation for the connections fromt the monitoring host to the nagios user. This can be done by specifying the following options in the <code>authorized_keys<\/code> file for the nagios user just before the keyword, <code>ssh-rsa<\/code> on the SSH key.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>from \"192.168.43.200\",no-pty,no-agent-forwarding,no-port-forwarding<\/code><\/pre>\n\n\n\n<p>Where 192.168.43.200 is the IP of my Nagios Server (OSSIM) in this case. Check <a href=\"https:\/\/man.cx\/sshd(1)\" target=\"_blank\" rel=\"noopener noreferrer\">man sshd<\/a> for further exaplanation of these options.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>vim \/home\/nagios\/.ssh\/authorized_keys<\/code><\/pre>\n\n\n\n<pre class=\"wp-block-preformatted\"><code><strong>from \"192.168.43.200\",no-pty,no-agent-forwarding,no-port-forwarding ssh-rsa<\/strong> AAAAB3NzaC1yc2EAA...StPEz root@alienvault<\/code><\/pre>\n\n\n\n<p>As a security measure, disable password login for nagios user since login will be made via the use of SSH keys.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>vim \/etc\/ssh\/sshd_config<\/code><\/pre>\n\n\n\n<p>Add the line below to the end of the SSHd configuration file.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>Match   User    nagios\n        PasswordAuthentication no<\/code><\/pre>\n\n\n\n<p>Reload SSH<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>systemctl reload ssh<\/code><\/pre>\n\n\n\n<p>You can learn more about disabling SSH password authentication for specific users in our previous guide.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/kifarunix.com\/disable-ssh-password-login-for-specific-users-in-ubuntu-18-04\/\" target=\"_blank\" rel=\"noopener noreferrer\">Disable SSH Password Login for Specific Users in Ubuntu 18.04<\/a><\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">Test Monitoring with check_by_ssh<\/h3>\n\n\n\n<p>Most of the configurations are done and your remote server is ready for monitoring using check_by_ssh command. As an example, try to query the system uptime.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>\/usr\/lib\/nagios\/plugins\/check_by_ssh -H 192.168.43.176 -C \"uptime\" -l nagios\n 16:00:46 up  2:13,  3 users,  load average: 0.07, 0.06, 0.01<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Install Nagios Plugins<\/h3>\n\n\n\n<p>In order to utilize Nagios monitoring scripts on the target host, install the nagios plugins. If you are running an ubuntu system, install the plugins by running the command below;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>apt install nagios-plugins<\/code><\/pre>\n\n\n\n<p>This installs the monitoring scripts to <code>\/usr\/lib\/nagios\/plugins\/<\/code>.<\/p>\n\n\n\n<p>For CentOS\/Fedora or any RHEL based, follow the links below;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a title=\"How to Install Nagios Plugins From Source RHEL\/CentOS\/Oracle Linux\" href=\"https:\/\/kifarunix.com\/how-to-install-nagios-plugins-from-source-rhel-centos-oracle-linux\/\" target=\"_blank\" rel=\"bookmark noopener noreferrer\">How to Install Nagios Plugins From Source RHEL\/CentOS\/Oracle Linux<\/a><\/li>\n\n\n\n<li><a title=\"How to Install Nagios Plugins and NRPE agents on CentOS 7\/RHEL 7\/Fedora 29\" href=\"https:\/\/kifarunix.com\/how-to-install-nagios-plugins-and-nrpe-agents-on-centos-7-rhel-7-fedora-29\/\" target=\"_blank\" rel=\"bookmark noopener noreferrer\">How to Install Nagios Plugins and NRPE agents on CentOS 7\/RHEL 7\/Fedora 29<\/a><\/li>\n<\/ul>\n\n\n\n<p>If you cannot install the plugins on the host for some reason, then you can copy the monitoring scripts from the Nagios server. For example;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>scp \/usr\/lib\/nagios\/plugins\/check_procs nagios@192.168.43.176:<\/code><\/pre>\n\n\n\n<p>To monitor the host with check_by_ssh plugin, run the command from the Nagios server (or your monitoring host) specifying the script to execute on the remote host. For example, to monitor disk usage (\/ partition) and prints the usage in megabytes, run the command below.<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>\/usr\/lib\/nagios\/plugins\/check_by_ssh -H 192.168.43.176 -C \"<strong>\/usr\/lib\/nagios\/plugins\/check_disk -w 80% -c 90% -p \/ -m<\/strong>\" -l nagios\nDISK OK - free space: \/ 99307 MB (94% inode=98%);| \/=5402MB;22071;11035;0;110358<\/code><\/pre>\n\n\n\n<p>This assumes that the Nagios check_disk script is located under the default install location.<\/p>\n\n\n\n<p>If you have the scripts in different directories, say home directory, execute the command as in below;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>\/usr\/lib\/nagios\/plugins\/check_by_ssh -H 192.168.43.176 -C \"\/home\/nagios\/check_procs -w 100 -c 200\" -l nagios\nPROCS WARNING: 152 processes | procs=152;100;200;0;<\/code><\/pre>\n\n\n\n<p>To alert of any process consumes more than 80% or 90% CPU;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>\/usr\/lib\/nagios\/plugins\/check_by_ssh -H 192.168.43.176 -C \"\/home\/nagios\/check_procs -w 80 -c 90 -m CPU\" -l nagios\nCPU OK: 152 processes | procs=152;;;0; procs_warn=0;;;0; procs_crit=0;;;0;<\/code><\/pre>\n\n\n\n<p>To make this easy for Nagios Monitoring, you need to create command definitions for various services or metrics you need to monitor.<\/p>\n\n\n\n<p>In the command definition configuration file, you define the command as;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>define command{\n        command_name check_running_procs\n        command_line \/usr\/lib\/nagios\/plugins\/check_by_ssh -H $HOSTADDRESS$ -C \"\/home\/nagios\/check_procs -w $ARG1$ -c $ARG2$\" -l nagios\n}<\/code><\/pre>\n\n\n\n<p>The service definition will look like as shown below;<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\"><code>define service{\n        use                     your-service_template\n        hostgroup_name          &lt;your group name&gt; # can be a single host, host_name.\n        service_description     Running Processes\n        check_command           check_running_procs!100!200\n        }<\/code><\/pre>\n\n\n\n<p>That is all on monitoring Linux hosts using Nagios <a href=\"https:\/\/www.monitoring-plugins.org\/doc\/man\/check_by_ssh.html\" target=\"_blank\" rel=\"noopener noreferrer\">check_by_ssh<\/a> plugin.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to our tutorial on how to monitor Linux Hosts using Nagios check_by_ssh plugin. This enables Nagios Server to monitor system metrics and services on<\/p>\n","protected":false},"author":1,"featured_media":8857,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"footnotes":""},"categories":[72,103,121,73],"tags":[371,3555,3554,3557,75,3556],"class_list":["post-2473","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-monitoring","category-alienvault","category-howtos","category-nagios","tag-check_by_ssh","tag-check_by_ssh-nagios","tag-monitor-hosts-using-nagios-check_by_ssh-plugin","tag-monitor-services-using-check_by_ssh-plugin","tag-nagios","tag-nagios-check_by_ssh-plugin","generate-columns","tablet-grid-50","mobile-grid-100","grid-parent","grid-50","resize-featured-image"],"_links":{"self":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/2473"}],"collection":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/comments?post=2473"}],"version-history":[{"count":8,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/2473\/revisions"}],"predecessor-version":[{"id":21119,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/posts\/2473\/revisions\/21119"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media\/8857"}],"wp:attachment":[{"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/media?parent=2473"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/categories?post=2473"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kifarunix.com\/wp-json\/wp\/v2\/tags?post=2473"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}