Check ports - NRPE portaudit check: Difference between revisions
m (moved Check-ports - NRPE portaudit check to Check ports - NRPE portaudit check over redirect) |
No edit summary |
||
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{ | {{DISPLAYTITLE:check_ports - NRPE portaudit check}} | ||
[[category:nagios]] | [[category:nagios]] | ||
[[category:Ports_Management]] | [[category:Ports_Management]] | ||
It is possible to monitor servers for outdated or vulnerable ports using Nagios and NRPE: | It is possible to monitor FreeBSD servers for outdated or vulnerable ports using Nagios and NRPE: | ||
<pre> | <pre> | ||
$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr | $ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr | ||
Line 8: | Line 8: | ||
installed packages with known security vulnerabilities. | installed packages with known security vulnerabilities. | ||
</pre> | </pre> | ||
== Configuring Nagios == | |||
Define a new service on the Nagios server, in <code>/usr/local/etc/nagios/objects/services.cfg</code>: | |||
<pre> | <pre> | ||
define service{ | |||
use generic-service | |||
hostgroup_name freebsd-servers | |||
service_description nrpe_check_ports | |||
check_command check_nrpe2!check_portaudit | |||
} | |||
</pre> | </pre> | ||
I call the check <code>check_portaudit</code> to better remember what it is. | |||
< | |||
</ | |||
I want all my FreeBSD servers to have their ports checked, so I added the hostgroup <code>freebsd-servers</code> to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup <code>freebsd-servers</code>. | |||
== Install the plugin == | |||
Just install the port, easy as it gets. It installs <code>/usr/ports/ports-mgmt/[[portaudit]]</code> as a dependency, by the way: | |||
<pre> | <pre> | ||
sudo /usr/ | sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/ | ||
</pre> | </pre> | ||
Line 29: | Line 33: | ||
sudo portaudit -F | sudo portaudit -F | ||
</pre> | </pre> | ||
== Configuring NRPE == | |||
Add the following line to <code>/usr/local/etc/nrpe.cfg</code>: | |||
<pre> | |||
command[check_portaudit]=/usr/local/libexec/nagios/check_ports | |||
</pre> | |||
I call the check <code>check_portaudit</code> to better remember what it is. | |||
Remember to restart NRPE after changing the config: | |||
<pre> | <pre> | ||
sudo /usr/local/etc/rc.d/nrpe2 restart | |||
</pre> | </pre> | ||
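Review bot: the sentence "I call the check check_portaudit to better remember what it is." added under Configuring NRPE repeats, word for word, the one this revision also adds under Configuring Nagios. Keep it once, next to the nrpe.cfg line where the name is actually defined, and drop the other copy.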
Latest revision as of 12:46, 28 February 2010
It is possible to monitor FreeBSD servers for outdated or vulnerable ports using Nagios and NRPE:
<pre>
$ cat /usr/ports/net-mgmt/nagios-check_ports/pkg-descr
Nagios Plugin to monitor your FreeBSD Ports Tree for updates or
installed packages with known security vulnerabilities.
</pre>
== Configuring Nagios ==
Define a new service on the Nagios server, in <code>/usr/local/etc/nagios/objects/services.cfg</code>:
<pre>
define service{
        use                     generic-service
        hostgroup_name          freebsd-servers
        service_description     nrpe_check_ports
        check_command           check_nrpe2!check_portaudit
}
</pre>
I call the check <code>check_portaudit</code> to better remember what it is.

I want all my FreeBSD servers to have their ports checked, so I added the hostgroup <code>freebsd-servers</code> to this check. The FreeBSD servers I monitor in this Nagios installation are all members of the hostgroup <code>freebsd-servers</code>.
== Install the plugin ==
Just install the port, easy as it gets. It installs <code>/usr/ports/ports-mgmt/portaudit</code> as a dependency, by the way:
<pre>
sudo portmaster /usr/ports/net-mgmt/nagios-check_ports/
</pre>
Note: If this is the first time Portaudit (installed as a dependency) is used on the server, you need to download a fresh audit database before it will work. If you do not download it manually, it will happen automatically each night (called from periodic). To download a fresh audit database manually, run:
<pre>
sudo portaudit -F
</pre>
== Configuring NRPE ==
Add the following line to <code>/usr/local/etc/nrpe.cfg</code>:
<pre>
command[check_portaudit]=/usr/local/libexec/nagios/check_ports
</pre>
I call the check <code>check_portaudit</code> to better remember what it is.

Remember to restart NRPE after changing the config:
<pre>
sudo /usr/local/etc/rc.d/nrpe2 restart
</pre>
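The setup above only works if the name after <code>check_nrpe2!</code> in the Nagios service matches a <code>command[...]</code> entry in <code>nrpe.cfg</code> on the monitored host. The following script is an added example, not part of the original wiki page: it cross-checks the two files, and its function names and demo files are hypothetical, with the sample input constructed from the fragments shown on this page.

```sh
# Added example (not from the original page): verify that every NRPE command
# referenced by a Nagios service definition is defined in nrpe.cfg.

# List NRPE command names referenced as "check_command check_nrpe2!NAME".
referenced_nrpe_commands() {
    awk '$1 == "check_command" && $2 ~ /^check_nrpe2!/ {
             split($2, parts, "!"); print parts[2]
         }' "$1" | sort -u
}

# Print the plugin path that nrpe.cfg ($1) defines for command name $2.
nrpe_command_path() {
    awk -v name="$2" '
        /^[ \t]*#/ { next }                      # skip commented-out lines
        { key = "command[" name "]="             # literal match, no regex
          if (index($0, key) == 1) { print substr($0, length(key) + 1); exit } }
    ' "$1"
}

# Report each referenced command; return 1 if any has no NRPE definition.
check_nrpe_wiring() {
    rc=0
    for name in $(referenced_nrpe_commands "$1"); do
        path=$(nrpe_command_path "$2" "$name")
        if [ -n "$path" ]; then
            echo "OK $name -> $path"
        else
            echo "MISSING $name (no command[$name]= line in $2)"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample input: copies of the two config fragments from this page.
demo_dir=$(mktemp -d)
cat > "$demo_dir/services.cfg" <<'EOF'
define service{
        use                     generic-service
        hostgroup_name          freebsd-servers
        service_description     nrpe_check_ports
        check_command           check_nrpe2!check_portaudit
}
EOF
echo 'command[check_portaudit]=/usr/local/libexec/nagios/check_ports' > "$demo_dir/nrpe.cfg"
check_nrpe_wiring "$demo_dir/services.cfg" "$demo_dir/nrpe.cfg"
```

Against real hosts, pass a copy of the server's <code>services.cfg</code> and the monitored host's <code>nrpe.cfg</code> to <code>check_nrpe_wiring</code>; a non-zero return means a service references a command NRPE will refuse to run.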