status of the service or host<\/code><\/strong> which can be OK, WARNING, UP, DOWN<\/code><\/strong>, etc. and the type of state<\/code><\/strong> the service or host which can hard or soft<\/code><\/strong>.<\/p>\n\n\n\nRead more about notification on Nagios notification<\/a>.<\/p>\n\n\n\nBefore you can proceed, install Nagios and add hosts to be monitored.<\/p>\n\n\n\n
Install Nagios Server on CentOS 8<\/a><\/p>\n\n\n\nAdd Hosts to Nagios Server For Monitoring<\/a><\/p>\n\n\n\nConfigure Nagios Availability Monitoring<\/a><\/p>\n\n\n\nConfiguring Nagios Email Notification Using Gmail<\/h2>\n\n\n\nInstall Required Mail Packages<\/h3>\n\n\n\n
In this guide, we are going to use Postfix as out Mail Transfer Agent (MTA). Also, by default, Nagios Mail notification is sent using mail<\/code> command. Hence, run the command below to install the required packages.<\/p>\n\n\n\ndnf install postfix cyrus-sasl-plain mailx<\/code><\/pre>\n\n\n\nConfigure Postfix to Use Gmail Relay<\/h3>\n\n\n\n
Enable STARTTLS encryption by changing the line smtp_tls_security_level = may<\/code> to smtp_tls_security_level = encrypt<\/strong><\/code>.<\/strong><\/p>\n\n\n\nsed -i 's\/smtp_tls_security_level = may\/smtp_tls_security_level = encrypt<\/strong>\/' \/etc\/postfix\/main.cf<\/code><\/pre>\n\n\n\nIf the smtp_tls_security_level<\/strong> option is not set, just insert it;<\/p>\n\n\n\necho \"smtp_tls_security_level = encrypt<\/strong>\" >> \/etc\/postfix\/main.cf<\/code><\/pre>\n\n\n\nDefine the path to CA certificates. The public root certificates are usually found under \/etc\/pki\/tls\/certs\/ca-bundle.crt<\/code> on RHEL derivatives and \/etc\/ssl\/certs\/ca-certificates.crt<\/code> on Debian\/Ubuntu systems.<\/p>\n\n\n\necho \"smtp_tls_CAfile = \/etc\/pki\/tls\/certs\/ca-bundle.crt\" >> \/etc\/postfix\/main.cf <\/code><\/pre>\n\n\n\nNext, insert the following lines to the Postfix configuration file to define the Gmail relay host and SASL options.<\/p>\n\n\n\n
cat >> \/etc\/postfix\/main.cf << EOF\nrelayhost = [smtp.gmail.com]:587\nsmtp_sasl_auth_enable = yes\nsmtp_sasl_password_maps = hash:\/etc\/postfix\/sasl_passwd\nsmtp_sasl_security_options = noanonymous\nEOF<\/code><\/pre>\n\n\n\nConfigure SASL credentials for your gmail account.<\/p>\n\n\n\n
vim \/etc\/postfix\/sasl_passwd<\/code><\/pre>\n\n\n\nEnter the following content, replacing the userid<\/strong> and password<\/strong> accordingly.<\/p>\n\n\n\n[smtp.gmail.com]:587 userid@gmail.com:password<\/code><\/pre>\n\n\n\nGenerate Postfix lookup table from the \/etc\/postfix\/sasl_passwd<\/strong> file.<\/p>\n\n\n\npostmap \/etc\/postfix\/sasl_passwd<\/code><\/pre>\n\n\n\nChange ownership and permission to of the \/etc\/postfix\/sasl_passwd<\/strong> to root<\/code> and read-write<\/code> only respectively.<\/p>\n\n\n\nchown root:root \/etc\/postfix\/sasl_passwd*\nchmod 600 \/etc\/postfix\/sasl_passwd*<\/code><\/pre>\n\n\n\nStart and enable Postfix<\/p>\n\n\n\n
systemctl enable postfix --now<\/code><\/pre>\n\n\n\nTest the relay;<\/p>\n\n\n\n
First allow less secure apps access to your gmail account<\/a>.<\/p>\n\n\n\nAfter that, try to sent a test mail.<\/p>\n\n\n\n
echo \"Test Postfix Gmail Relay\" | mail -s \"Postfix Gmail Relay\" userid@gmail.com<\/code><\/pre>\n\n\n\nYou should be able to receive the mail on your inbox. You can also check the mail logs. The log filename may be different for your case.<\/p>\n\n\n\n
tail -f \/var\/log\/maillog<\/code><\/pre>\n\n\n\nOct 19 15:01:44 dev-server postfix\/smtp[5109]: C7E8C3B5AD: to=userid@gmail.com<\/a>, relay=smtp.gmail.com[74.125.200.109]:587, delay=18, delays=0.04\/0.02\/16\/2.1, dsn=2.0.0, status=sent (250 2.0.0 OK<\/strong> 1571511704 h8sm11800598pfo.64 - gsmtp)\nOct 19 15:01:44 dev-server postfix\/qmgr[4574]: C7E8C3B5AD: removed<\/code><\/pre>\n\n\n\nCreate Nagios Contact Object Definition<\/h3>\n\n\n\n
The first step in configuring is to create a Nagios contacts group that defines who should be notified on the state of a monitored service or host.<\/p>\n\n\n\n
Nagios comes with a default contact group, contacts.cfg<\/code>, located on the default objects definition configurations directory, \/usr\/local\/nagios\/etc\/objects<\/strong><\/code>.<\/p>\n\n\n\nYou can modify the default contacts definition configuration file or create your own.<\/p>\n\n\n\n
Note that, if you are not using non-default Nagios object definitions directory, you need to configure Nagios to process object definitions in that directory.<\/p>\n\n\n\n
For example in the above case, insert the line, cfg_dir=\/usr\/local\/nagios\/etc\/objects\/kifarunix-demo<\/code> on the Object definitions file<\/strong> section of the \/usr\/local\/nagios\/etc\/nagios.cfg<\/code>.<\/p>\n\n\n\nIn this guide, we create a custom contacts definition configuration under a custom directory, \/usr\/local\/nagios\/etc\/objects\/kifarunix-demo<\/code>.<\/p>\n\n\n\nvim \/usr\/local\/nagios\/etc\/objects\/kifarunix-demo\/contacts.cfg<\/code><\/pre>\n\n\n\ndefine contact{\n name kifarunix-demo-contact\n service_notification_period 24x7\n host_notification_period 24x7\n service_notification_options w,u,c,r\n host_notification_options d,r\n service_notification_commands notify-service-by-email\n host_notification_commands notify-host-by-email\n register 0\n }\n# Define Individual Contacts\ndefine contact{\n contact_name johndoe\n use kifarunix-demo-contact\n alias John Doe-Oracle DBA\n email djoe@kifarunix-demo.com\n }\ndefine contact{\n contact_name janedoe\n use kifarunix-demo-contact\n alias Jane Doe-System Admin\n email djane@kifarunix-demo.com\n }\n# CONTACT GROUP DEFINITION allows multiple contacts to receive alerts\ndefine contactgroup{\n contactgroup_name kifarunix-demo-admins\n alias Sys-DB Admins\n members johndoe,janedoe\n }<\/code><\/pre>\n\n\n\nModify the contact configuration above accordingly.<\/p>\n\n\n\n
Verify Nagios Configuration file<\/h3>\n\n\n\n\/usr\/local\/nagios\/bin\/nagios -v \/usr\/local\/nagios\/etc\/nagios.cfg<\/code><\/pre>\n\n\n\nIf there is no syntax error, restart Nagios service.<\/p>\n\n\n\n
systemctl restart nagios<\/code><\/pre>\n\n\n\nTesting Nagios Mail Alerts Notification<\/h3>\n\n\n\n\n- To test if mail notification works, first change the IP address of one of the hosts to an IP that is unreachable such that it looks like the host is down.<\/li>\n<\/ul>\n\n\n\n
![\"\"](\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/10\/host-down.png\" "\\"\\"")
<\/figure><\/div>\n\n\n\n- Reschedule the next check for the host state. This will automatically sent out an email alert on host DOWN.<\/li>\n<\/ul>\n\n\n\n
If you encounter the error below when rescheduling checks, <\/p>\n\n\n\n
Error: Could not open command file '\/usr\/local\/nagios\/var\/rw\/nagios.cmd' for update!<\/strong><\/code><\/pre>\n\n\n\nThis is due to SELinux. To fix, run journactl -xe<\/code>. It should show some SELinux commands to execute to fix this. The commands below is what i run myself.<\/p>\n\n\n\nausearch -c 'cmd.cgi' --raw | audit2allow -M my-cmdcgi\nsemodule -X 300 -i my-cmdcgi.pp<\/code><\/pre>\n\n\n\nAlso, you may encounter the error;<\/p>\n\n\n\n
Could not open command file '\/usr\/local\/nagios\/var\/rw\/nagios.cmd'<\/strong><\/code><\/pre>\n\n\n\nRun the command below to fix it.<\/p>\n\n\n\n
chcon -R -t httpd_sys_script_rw_t \/usr\/local\/nagios\/var\/rw<\/code><\/pre>\n\n\n\nYou should be able to manually reschedule Nagios host or service checks.<\/p>\n\n\n\n
You should now get the email alert on the host being down.<\/p>\n\n\n\n
** PROBLEM Host Alert: web01.kifarunix-demo.com is DOWN **\n\nusername@gmail.com\n\n***** Nagios *****\n\nNotification Type: PROBLEM\nHost: web01.kifarunix-demo.com\nState: DOWN<\/strong>\nAddress: 192.168.56.18\nInfo: CRITICAL - Host Unreachable (192.168.56.18)\n\nDate\/Time: Sat Oct 19 15:16:09 EDT 2019<\/code><\/pre>\n\n\n\nPut back the right server IP and reschedule the check to now. You should be able to get the host status UP alert on the mail.<\/p>\n\n\n\n
** RECOVERY Host Alert: web01.kifarunix-demo.com is UP **\n\nusername@gmail.com\n\n***** Nagios *****\n\nNotification Type: RECOVERY\nHost: web01.kifarunix-demo.com\nState: UP<\/strong>\nAddress: 192.168.56.128\nInfo: PING OK - Packet loss = 0%, RTA = 1.36 ms\n\nDate\/Time: Sat Oct 19 15:31:13 EDT 2019<\/code><\/pre>\n\n\n\nYou should be able to receive alerts for service\/host state changes.<\/p>\n\n\n\n
You may also be interested in checking the following tutorials.<\/p>\n\n\n\n
Nagios SNMP Monitoring of Linux Hosts on AlienVault USM\/OSSIM<\/a><\/p>\n\n\n\nMonitor Linux Hosts using Nagios check_by_ssh Plugin<\/a><\/p>\n\n\n\n