Check ports - NRPE portaudit check: Difference between revisions

From TykWiki
Jump to navigationJump to search
No edit summary
No edit summary
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{wrongtitle|title=check_ports - NRPE portaudit check}}
{{DISPLAYTITLE:check_ports - NRPE portaudit check}}
[[category:nagios]]
[[category:nagios]]
[[category:Ports_Management]]
[[category:Ports_Management]]
It is possible to monitor servers for outdated or vulnerable ports using Nagios and NRPE:
It is possible to monitor FreeBSD servers for outdated or vulnerable ports using Nagios and NRPE:
<pre>
<pre>
$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr
$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr
Line 8: Line 8:
installed packages with known security vulnerabilities.
installed packages with known security vulnerabilities.
</pre>
</pre>
== Configuring Nagios ==
== Configuring Nagios ==
Define a new service on the Nagios server, in ''/usr/local/etc/nagios/objects/services.cfg'':
Define a new service on the Nagios server, in <code>/usr/local/etc/nagios/objects/services.cfg</code>:
<pre>
<pre>
define service{
define service{
Line 17: Line 15:
         hostgroup_name                  freebsd-servers
         hostgroup_name                  freebsd-servers
         service_description            nrpe_check_ports
         service_description            nrpe_check_ports
         check_command                  check_nrpe2!check_ports
         check_command                  check_nrpe2!check_portaudit
}
}
</pre>
</pre>


I want all my FreeBSD servers to have their ports checked, so I added the hostgroup ''freebsd-servers'' to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup ''freebsd-servers''.
I call the check <code>check_portaudit</code> to better remember what it is.
 
I want all my FreeBSD servers to have their ports checked, so I added the hostgroup <code>freebsd-servers</code> to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup <code>freebsd-servers</code>.


== Install the plugin ==
== Install the plugin ==
Just install the port, easy as it gets. It installs ''/usr/ports/ports-mgmt/portaudit'' as a dependency, by the way:
Just install the port, easy as it gets. It installs <code>/usr/ports/ports-mgmt/[[portaudit]]</code> as a dependency, by the way:
<pre>
<pre>
sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/
sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/
Line 33: Line 33:
sudo portaudit -F
sudo portaudit -F
</pre>
</pre>
== Configuring NRPE ==
== Configuring NRPE ==
Add the following line to ''/usr/local/etc/nrpe.cfg'':
Add the following line to <code>/usr/local/etc/nrpe.cfg</code>:
<pre>
<pre>
command[check_ports]=/usr/local/libexec/nagios/check_ports
command[check_portaudit]=/usr/local/libexec/nagios/check_ports
</pre>
</pre>
I call the check <code>check_portaudit</code> to better remember what it is.


Remember to restart NRPE after changing the config:
Remember to restart NRPE after changing the config:

Latest revision as of 12:46, 28 February 2010

It is possible to monitor FreeBSD servers for outdated or vulnerable ports using Nagios and NRPE: 

$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr
Nagios Plugin to monitor your FreeBSD Ports Tree for updates or
installed packages with known security vulnerabilities.

Configuring Nagios

Define a new service on the Nagios server, in /usr/local/etc/nagios/objects/services.cfg: 

define service{
        use                             generic-service
        hostgroup_name                  freebsd-servers
        service_description             nrpe_check_ports
        check_command                   check_nrpe2!check_portaudit
}

I call the check check_portaudit to better remember what it is.

I want all my FreeBSD servers to have their ports checked, so I added the hostgroup freebsd-servers to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup freebsd-servers.

Install the plugin

Just install the port, easy as it gets. It installs /usr/ports/ports-mgmt/portaudit as a dependency, by the way: 

sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/

Note: If this is the first time Portaudit (installed as a dependency) is used on the server, you need to download a fresh audit database before it will work. If you do not download it manually, it will happen automatically each night (called from periodic). To download a fresh audit database manually, run: 

sudo portaudit -F

Configuring NRPE

Add the following line to /usr/local/etc/nrpe.cfg: 

command[check_portaudit]=/usr/local/libexec/nagios/check_ports

I call the check check_portaudit to better remember what it is.

Remember to restart NRPE after changing the config: 

sudo /usr/local/etc/rc.d/nrpe2 restart
Retrieved from "https://tyk.wiki/index.php?title=Check_ports_-_NRPE_portaudit_check&oldid=228"