Check ports - NRPE portaudit check: Difference between revisions
No edit summary |
No edit summary |
||
| (13 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{DISPLAYTITLE:check_ports - NRPE portaudit check}} | |||
[[category:nagios]] | [[category:nagios]] | ||
[[category:Ports_Management]] | [[category:Ports_Management]] | ||
It is possible to monitor servers for outdated or vulnerable ports using Nagios and NRPE: | It is possible to monitor FreeBSD servers for outdated or vulnerable ports using Nagios and NRPE: | ||
<pre> | <pre> | ||
$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr | $ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr | ||
Nagios Plugin to monitor your FreeBSD Ports Tree for updates or | Nagios Plugin to monitor your FreeBSD Ports Tree for updates or | ||
installed packages with known security vulnerabilities. | installed packages with known security vulnerabilities. | ||
</pre> | |||
== Configuring Nagios == | |||
Define a new service on the Nagios server, in <code>/usr/local/etc/nagios/objects/services.cfg</code>: | |||
<pre> | |||
define service{ | |||
use generic-service | |||
hostgroup_name freebsd-servers | |||
service_description nrpe_check_ports | |||
check_command check_nrpe2!check_portaudit | |||
} | |||
</pre> | </pre> | ||
Install the port: | I call the check <code>check_portaudit</code> to better remember what it is. | ||
I want all my FreeBSD servers to have their ports checked, so I added the hostgroup <code>freebsd-servers</code> to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup <code>freebsd-servers</code>. | |||
== Install the plugin == | |||
Just install the port, easy as it gets. It installs <code>/usr/ports/ports-mgmt/[[portaudit]]</code> as a dependency, by the way: | |||
<pre> | <pre> | ||
sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/ | sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/ | ||
</pre> | </pre> | ||
Add the following line to | '''Note:''' If this is the first time Portaudit (installed as a dependency) is used on the server, you need to download a fresh audit database before it will work. If you do not download it manually, it will happen automatically each night (called from periodic). To download a fresh audit database manually, run: | ||
<pre> | |||
sudo portaudit -F | |||
</pre> | |||
== Configuring NRPE == | |||
Add the following line to <code>/usr/local/etc/nrpe.cfg</code>: | |||
<pre> | <pre> | ||
command[ | command[check_portaudit]=/usr/local/libexec/nagios/check_ports | ||
</pre> | </pre> | ||
I call the check <code>check_portaudit</code> to better remember what it is. | |||
Remember to restart NRPE after changing the config: | Remember to restart NRPE after changing the config: | ||
| Line 23: | Line 45: | ||
sudo /usr/local/etc/rc.d/nrpe2 restart | sudo /usr/local/etc/rc.d/nrpe2 restart | ||
</pre> | </pre> | ||
Latest revision as of 12:46, 28 February 2010
It is possible to monitor FreeBSD servers for outdated or vulnerable ports using Nagios and NRPE:
$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr Nagios Plugin to monitor your FreeBSD Ports Tree for updates or installed packages with known security vulnerabilities.
Configuring Nagios
Define a new service on the Nagios server, in /usr/local/etc/nagios/objects/services.cfg:
define service{
use generic-service
hostgroup_name freebsd-servers
service_description nrpe_check_ports
check_command check_nrpe2!check_portaudit
}
I call the check check_portaudit to better remember what it is.
I want all my FreeBSD servers to have their ports checked, so I added the hostgroup freebsd-servers to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup freebsd-servers.
Install the plugin
Just install the port, easy as it gets. It installs /usr/ports/ports-mgmt/portaudit as a dependency, by the way:
sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/
Note: If this is the first time Portaudit (installed as a dependency) is used on the server, you need to download a fresh audit database before it will work. If you do not download it manually, it will happen automatically each night (called from periodic). To download a fresh audit database manually, run:
sudo portaudit -F
Configuring NRPE
Add the following line to /usr/local/etc/nrpe.cfg:
command[check_portaudit]=/usr/local/libexec/nagios/check_ports
I call the check check_portaudit to better remember what it is.
Remember to restart NRPE after changing the config:
sudo /usr/local/etc/rc.d/nrpe2 restart
