mikepell/dsfin-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add nrpe role

Browse Source
This commit is contained in:
Pi
2019-03-07 15:39:37 -05:00
parent b149cb3cd2
commit 88a36c542d
5 changed files with 774 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
main.yaml
View File

@@ -31,3 +31,6 @@
- hosts: salesforce
roles:
- salesforce
- hosts: all
roles:
- nrpe

409
roles/nrpe/files/check_mem.pl Executable file
View File

@@ -0,0 +1,409 @@
#!/usr/bin/perl -w
# Heavily based on the script from:
# check_mem.pl Copyright (C) 2000 Dan Larsson <dl@tyfon.net>
# heavily modified by
# Justin Ellison <justin@techadvise.com>
#
# The MIT License (MIT)
# Copyright (c) 2011 justin@techadvise.com
# Permission is hereby granted, free of charge, to any person obtaining a copy of this
# software and associated documentation files (the "Software"), to deal in the Software
# without restriction, including without limitation the rights to use, copy, modify,
# merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
# permit persons to whom the Software is furnished to do so, subject to the following conditions:
# The above copyright notice and this permission notice shall be included in all copies
# or substantial portions of the Software.
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
# INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE
# FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT
# OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
# OTHER DEALINGS IN THE SOFTWARE.
# Tell Perl what we need to use
use strict;
use Getopt::Std;
#TODO - Convert to Nagios::Plugin
#TODO - Use an alarm
# Predefined exit codes for Nagios
use vars qw($opt_c $opt_f $opt_u $opt_w $opt_C $opt_v $opt_h %exit_codes);
%exit_codes = ('UNKNOWN' , 3,
'OK' , 0,
'WARNING' , 1,
'CRITICAL', 2,
);
# Get our variables, do our checking:
init();
# Get the numbers:
my ($free_memory_kb,$used_memory_kb,$caches_kb,$hugepages_kb) = get_memory_info();
print "$free_memory_kb Free\n$used_memory_kb Used\n$caches_kb Cache\n" if ($opt_v);
print "$hugepages_kb Hugepages\n" if ($opt_v and $opt_h);
if ($opt_C) { #Do we count caches as free?
$used_memory_kb -= $caches_kb;
$free_memory_kb += $caches_kb;
}
if ($opt_h) {
$used_memory_kb -= $hugepages_kb;
}
print "$used_memory_kb Used (after Hugepages)\n" if ($opt_v);
# Round to the nearest KB
$free_memory_kb = sprintf('%d',$free_memory_kb);
$used_memory_kb = sprintf('%d',$used_memory_kb);
$caches_kb = sprintf('%d',$caches_kb);
# Tell Nagios what we came up with
tell_nagios($used_memory_kb,$free_memory_kb,$caches_kb,$hugepages_kb);
sub tell_nagios {
my ($used,$free,$caches,$hugepages) = @_;
# Calculate Total Memory
my $total = $free + $used;
print "$total Total\n" if ($opt_v);
my $perf_warn;
my $perf_crit;
if ( $opt_u ) {
$perf_warn = int(${total} * $opt_w / 100);
$perf_crit = int(${total} * $opt_c / 100);
} else {
$perf_warn = int(${total} * ( 100 - $opt_w ) / 100);
$perf_crit = int(${total} * ( 100 - $opt_c ) / 100);
}
my $perfdata = "|TOTAL=${total}KB;;;; USED=${used}KB;${perf_warn};${perf_crit};; FREE=${free}KB;;;; CACHES=${caches}KB;;;;";
$perfdata .= " HUGEPAGES=${hugepages}KB;;;;" if ($opt_h);
if ($opt_f) {
my $percent = sprintf "%.1f", ($free / $total * 100);
if ($percent <= $opt_c) {
finish("CRITICAL - $percent% ($free kB) free!$perfdata",$exit_codes{'CRITICAL'});
}
elsif ($percent <= $opt_w) {
finish("WARNING - $percent% ($free kB) free!$perfdata",$exit_codes{'WARNING'});
}
else {
finish("OK - $percent% ($free kB) free.$perfdata",$exit_codes{'OK'});
}
}
elsif ($opt_u) {
my $percent = sprintf "%.1f", ($used / $total * 100);
if ($percent >= $opt_c) {
finish("CRITICAL - $percent% ($used kB) used!$perfdata",$exit_codes{'CRITICAL'});
}
elsif ($percent >= $opt_w) {
finish("WARNING - $percent% ($used kB) used!$perfdata",$exit_codes{'WARNING'});
}
else {
finish("OK - $percent% ($used kB) used.$perfdata",$exit_codes{'OK'});
}
}
}
# Show usage
sub usage() {
print "\ncheck_mem.pl v1.0 - Nagios Plugin\n\n";
print "usage:\n";
print " check_mem.pl -<f|u> -w <warnlevel> -c <critlevel>\n\n";
print "options:\n";
print " -f Check FREE memory\n";
print " -u Check USED memory\n";
print " -C Count OS caches as FREE memory\n";
print " -h Remove hugepages from the total memory count\n";
print " -w PERCENT Percent free/used when to warn\n";
print " -c PERCENT Percent free/used when critical\n";
print "\nCopyright (C) 2000 Dan Larsson <dl\@tyfon.net>\n";
print "check_mem.pl comes with absolutely NO WARRANTY either implied or explicit\n";
print "This program is licensed under the terms of the\n";
print "MIT License (check source code for details)\n";
exit $exit_codes{'UNKNOWN'};
}
sub get_memory_info {
my $used_memory_kb = 0;
my $free_memory_kb = 0;
my $total_memory_kb = 0;
my $caches_kb = 0;
my $hugepages_nr = 0;
my $hugepages_size = 0;
my $hugepages_kb = 0;
my $uname;
if ( -e '/usr/bin/uname') {
$uname = `/usr/bin/uname -a`;
}
elsif ( -e '/bin/uname') {
$uname = `/bin/uname -a`;
}
else {
die "Unable to find uname in /usr/bin or /bin!\n";
}
print "uname returns $uname" if ($opt_v);
if ( $uname =~ /Linux/ ) {
my @meminfo = `/bin/cat /proc/meminfo`;
foreach (@meminfo) {
chomp;
if (/^Mem(Total|Free):\s+(\d+) kB/) {
my $counter_name = $1;
if ($counter_name eq 'Free') {
$free_memory_kb = $2;
}
elsif ($counter_name eq 'Total') {
$total_memory_kb = $2;
}
}
elsif (/^(Buffers|Cached|SReclaimable):\s+(\d+) kB/) {
$caches_kb += $2;
}
elsif (/^Shmem:\s+(\d+) kB/) {
$caches_kb -= $1;
}
# These variables will most likely be overwritten once we look into
# /sys/kernel/mm/hugepages, unless we are running on linux <2.6.27
# and have to rely on them
elsif (/^HugePages_Total:\s+(\d+)/) {
$hugepages_nr = $1;
}
elsif (/^Hugepagesize:\s+(\d+) kB/) {
$hugepages_size = $1;
}
}
$hugepages_kb = $hugepages_nr * $hugepages_size;
$used_memory_kb = $total_memory_kb - $free_memory_kb;
# Read hugepages info from the newer sysfs interface if available
my $hugepages_sysfs_dir = '/sys/kernel/mm/hugepages';
if ( -d $hugepages_sysfs_dir ) {
# Reset what we read from /proc/meminfo
$hugepages_kb = 0;
opendir(my $dh, $hugepages_sysfs_dir)
|| die "Can't open $hugepages_sysfs_dir: $!";
while (my $entry = readdir $dh) {
if ($entry =~ /^hugepages-(\d+)kB/) {
$hugepages_size = $1;
my $hugepages_nr_file = "$hugepages_sysfs_dir/$entry/nr_hugepages";
open(my $fh, '<', $hugepages_nr_file)
|| die "Can't open $hugepages_nr_file for reading: $!";
$hugepages_nr = <$fh>;
close($fh);
$hugepages_kb += $hugepages_nr * $hugepages_size;
}
}
closedir($dh);
}
}
elsif ( $uname =~ /HP-UX/ ) {
# HP-UX, thanks to Christoph Fürstaller
my @meminfo = `/usr/bin/sudo /usr/local/bin/kmeminfo`;
foreach (@meminfo) {
chomp;
if (/^Physical memory\s\s+=\s+(\d+)\s+(\d+.\d)g/) {
$total_memory_kb = ($2 * 1024 * 1024);
}
elsif (/^Free memory\s\s+=\s+(\d+)\s+(\d+.\d)g/) {
$free_memory_kb = ($2 * 1024 * 1024);
}
}
$used_memory_kb = $total_memory_kb - $free_memory_kb;
}
elsif ( $uname =~ /FreeBSD/ ) {
# The FreeBSD case. 2013-03-19 www.claudiokuenzler.com
# free mem = Inactive*Page Size + Cache*Page Size + Free*Page Size
my $pagesize = `sysctl vm.stats.vm.v_page_size`;
$pagesize =~ s/[^0-9]//g;
my $mem_inactive = 0;
my $mem_cache = 0;
my $mem_free = 0;
my $mem_total = 0;
my $free_memory = 0;
my @meminfo = `/sbin/sysctl vm.stats.vm`;
foreach (@meminfo) {
chomp;
if (/^vm.stats.vm.v_inactive_count:\s+(\d+)/) {
$mem_inactive = ($1 * $pagesize);
}
elsif (/^vm.stats.vm.v_cache_count:\s+(\d+)/) {
$mem_cache = ($1 * $pagesize);
}
elsif (/^vm.stats.vm.v_free_count:\s+(\d+)/) {
$mem_free = ($1 * $pagesize);
}
elsif (/^vm.stats.vm.v_page_count:\s+(\d+)/) {
$mem_total = ($1 * $pagesize);
}
}
$free_memory = $mem_inactive + $mem_cache + $mem_free;
$free_memory_kb = ( $free_memory / 1024);
$total_memory_kb = ( $mem_total / 1024);
$used_memory_kb = $total_memory_kb - $free_memory_kb;
$caches_kb = ($mem_cache / 1024);
}
elsif ( $uname =~ /joyent/ ) {
# The SmartOS case. 2014-01-10 www.claudiokuenzler.com
# free mem = pagesfree * pagesize
my $pagesize = `pagesize`;
my $phys_pages = `kstat -p unix:0:system_pages:pagestotal | awk '{print \$NF}'`;
my $free_pages = `kstat -p unix:0:system_pages:pagesfree | awk '{print \$NF}'`;
my $arc_size = `kstat -p zfs:0:arcstats:size | awk '{print \$NF}'`;
my $arc_size_kb = $arc_size / 1024;
print "Pagesize is $pagesize" if ($opt_v);
print "Total pages is $phys_pages" if ($opt_v);
print "Free pages is $free_pages" if ($opt_v);
print "Arc size is $arc_size" if ($opt_v);
$caches_kb += $arc_size_kb;
$total_memory_kb = $phys_pages * $pagesize / 1024;
$free_memory_kb = $free_pages * $pagesize / 1024;
$used_memory_kb = $total_memory_kb - $free_memory_kb;
}
elsif ( $uname =~ /SunOS/ ) {
eval "use Sun::Solaris::Kstat";
if ($@) { #Kstat not available
if ($opt_C) {
print "You can't report on Solaris caches without Sun::Solaris::Kstat available!\n";
exit $exit_codes{UNKNOWN};
}
my @vmstat = `/usr/bin/vmstat 1 2`;
my $line;
foreach (@vmstat) {
chomp;
$line = $_;
}
$free_memory_kb = (split(/ /,$line))[5] / 1024;
my @prtconf = `/usr/sbin/prtconf`;
foreach (@prtconf) {
if (/^Memory size: (\d+) Megabytes/) {
$total_memory_kb = $1 * 1024;
}
}
$used_memory_kb = $total_memory_kb - $free_memory_kb;
}
else { # We have kstat
my $kstat = Sun::Solaris::Kstat->new();
my $phys_pages = ${kstat}->{unix}->{0}->{system_pages}->{physmem};
my $free_pages = ${kstat}->{unix}->{0}->{system_pages}->{freemem};
# We probably should account for UFS caching here, but it's unclear
# to me how to determine UFS's cache size. There's inode_cache,
# and maybe the physmem variable in the system_pages module??
# In the real world, it looks to be so small as not to really matter,
# so we don't grab it. If someone can give me code that does this,
# I'd be glad to put it in.
my $arc_size = (exists ${kstat}->{zfs} && ${kstat}->{zfs}->{0}->{arcstats}->{size}) ?
${kstat}->{zfs}->{0}->{arcstats}->{size} / 1024
: 0;
$caches_kb += $arc_size;
my $pagesize = `pagesize`;
$total_memory_kb = $phys_pages * $pagesize / 1024;
$free_memory_kb = $free_pages * $pagesize / 1024;
$used_memory_kb = $total_memory_kb - $free_memory_kb;
}
}
elsif ( $uname =~ /Darwin/ ) {
$total_memory_kb = (split(/ /,`/usr/sbin/sysctl hw.memsize`))[1]/1024;
my $pagesize = (split(/ /,`/usr/sbin/sysctl hw.pagesize`))[1];
$caches_kb = 0;
my @vm_stat = `/usr/bin/vm_stat`;
foreach (@vm_stat) {
chomp;
if (/^(Pages free):\s+(\d+)\.$/) {
$free_memory_kb = $2*$pagesize/1024;
}
# 'caching' concept works different on MACH
# this should be a reasonable approximation
elsif (/^Pages (inactive|purgable):\s+(\d+).$/) {
$caches_kb += $2*$pagesize/1024;
}
}
$used_memory_kb = $total_memory_kb - $free_memory_kb;
}
elsif ( $uname =~ /AIX/ ) {
my @meminfo = `/usr/bin/vmstat -vh`;
foreach (@meminfo) {
chomp;
if (/^\s*([0-9.]+)\s+(.*)/) {
my $counter_name = $2;
if ($counter_name eq 'memory pages') {
$total_memory_kb = $1*4;
}
if ($counter_name eq 'free pages') {
$free_memory_kb = $1*4;
}
if ($counter_name eq 'file pages') {
$caches_kb = $1*4;
}
if ($counter_name eq 'Number of 4k page frames loaned') {
$free_memory_kb += $1*4;
}
}
}
$used_memory_kb = $total_memory_kb - $free_memory_kb;
}
else {
if ($opt_C) {
print "You can't report on $uname caches!\n";
exit $exit_codes{UNKNOWN};
}
my $command_line = `vmstat | tail -1 | awk '{print \$4,\$5}'`;
chomp $command_line;
my @memlist = split(/ /, $command_line);
# Define the calculating scalars
$used_memory_kb = $memlist[0]/1024;
$free_memory_kb = $memlist[1]/1024;
$total_memory_kb = $used_memory_kb + $free_memory_kb;
}
return ($free_memory_kb,$used_memory_kb,$caches_kb,$hugepages_kb);
}
sub init {
# Get the options
if ($#ARGV le 0) {
&usage;
}
else {
getopts('c:fuChvw:');
}
# Shortcircuit the switches
if (!$opt_w or $opt_w == 0 or !$opt_c or $opt_c == 0) {
print "*** You must define WARN and CRITICAL levels!\n";
&usage;
}
elsif (!$opt_f and !$opt_u) {
print "*** You must select to monitor either USED or FREE memory!\n";
&usage;
}
# Check if levels are sane
if ($opt_w <= $opt_c and $opt_f) {
print "*** WARN level must not be less than CRITICAL when checking FREE memory!\n";
&usage;
}
elsif ($opt_w >= $opt_c and $opt_u) {
print "*** WARN level must not be greater than CRITICAL when checking USED memory!\n";
&usage;
}
}
sub finish {
my ($msg,$state) = @_;
print "$msg\n";
exit $state;
}

314
roles/nrpe/files/nrpe.cfg Normal file
View File

@@ -0,0 +1,314 @@
#############################################################################
# Sample NRPE Config File
# Written by: Ethan Galstad (nagios@nagios.org)
#
# Last Modified: 2016-05-10
#
# NOTES:
# This is a sample configuration file for the NRPE daemon. It needs to be
# located on the remote host that is running the NRPE daemon, not the host
# from which the check_nrpe client is being executed.
#############################################################################
# LOG FACILITY
# The syslog facility that should be used for logging purposes.
log_facility=daemon
# DEBUGGING OPTION
# This option determines whether or not debugging messages are logged to the
# syslog facility.
# Values: 0=debugging off, 1=debugging on
debug=0
# PID FILE
# The name of the file in which the NRPE daemon should write it's process ID
# number. The file is only written if the NRPE daemon is started by the root
# user and is running in standalone mode.
pid_file=/var/run/nagios/nrpe.pid
# PORT NUMBER
# Port number we should wait for connections on.
# NOTE: This must be a non-priviledged port (i.e. > 1024).
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
server_port=5666
# SERVER ADDRESS
# Address that nrpe should bind to in case there are more than one interface
# and you do not want nrpe to bind on all interfaces.
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
#server_address=127.0.0.1
# LISTEN QUEUE SIZE
# Listen queue size (backlog) for serving incoming connections.
# You may want to increase this value under high load.
#listen_queue_size=5
# NRPE USER
# This determines the effective user that the NRPE daemon should run as.
# You can either supply a username or a UID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_user=nagios
# NRPE GROUP
# This determines the effective group that the NRPE daemon should run as.
# You can either supply a group name or a GID.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
nrpe_group=nagios
# ALLOWED HOST ADDRESSES
# This is an optional comma-delimited list of IP address or hostnames
# that are allowed to talk to the NRPE daemon. Network addresses with a bit mask
# (i.e. 192.168.1.0/24) are also supported. Hostname wildcards are not currently
# supported.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address. I would highly recommend adding entries in your /etc/hosts.allow
# file to allow only the specified host to connect to the port
# you are running this daemon on.
#
# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
allowed_hosts=192.168.201.2
# COMMAND ARGUMENT PROCESSING
# This option determines whether or not the NRPE daemon will allow clients
# to specify arguments to commands that are executed. This option only works
# if the daemon was configured with the --enable-command-args configure script
# option.
#
# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
# Read the SECURITY file for information on some of the security implications
# of enabling this variable.
#
# Values: 0=do not allow arguments, 1=allow command arguments
dont_blame_nrpe=1
# BASH COMMAND SUBTITUTION
# This option determines whether or not the NRPE daemon will allow clients
# to specify arguments that contain bash command substitutions of the form
# $(...). This option only works if the daemon was configured with both
# the --enable-command-args and --enable-bash-command-substitution configure
# script options.
#
# *** ENABLING THIS OPTION IS A HIGH SECURITY RISK! ***
# Read the SECURITY file for information on some of the security implications
# of enabling this variable.
#
# Values: 0=do not allow bash command substitutions,
# 1=allow bash command substitutions
allow_bash_command_substitution=0
# COMMAND PREFIX
# This option allows you to prefix all commands with a user-defined string.
# A space is automatically added between the specified prefix string and the
# command line from the command definition.
#
# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
# Usage scenario:
# Execute restricted commmands using sudo. For this to work, you need to add
# the nagios user to your /etc/sudoers. An example entry for alllowing
# execution of the plugins from might be:
#
# nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
#
# This lets the nagios user run all commands in that directory (and only them)
# without asking for a password. If you do this, make sure you don't give
# random users write access to that directory or its contents!
# command_prefix=/usr/bin/sudo
# COMMAND TIMEOUT
# This specifies the maximum number of seconds that the NRPE daemon will
# allow plugins to finish executing before killing them off.
command_timeout=60
# CONNECTION TIMEOUT
# This specifies the maximum number of seconds that the NRPE daemon will
# wait for a connection to be established before exiting. This is sometimes
# seen where a network problem stops the SSL being established even though
# all network sessions are connected. This causes the nrpe daemons to
# accumulate, eating system resources. Do not set this too low.
connection_timeout=300
# WEAK RANDOM SEED OPTION
# This directive allows you to use SSL even if your system does not have
# a /dev/random or /dev/urandom (on purpose or because the necessary patches
# were not applied). The random number generator will be seeded from a file
# which is either a file pointed to by the environment valiable $RANDFILE
# or $HOME/.rnd. If neither exists, the pseudo random number generator will
# be initialized and a warning will be issued.
# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness
allow_weak_random_seed=1
# SSL/TLS OPTIONS
# These directives allow you to specify how to use SSL/TLS.
# SSL VERSION
# This can be any of: SSLv2 (only use SSLv2), SSLv2+ (use any version),
# SSLv3 (only use SSLv3), SSLv3+ (use SSLv3 or above), TLSv1 (only use
# TLSv1), TLSv1+ (use TLSv1 or above), TLSv1.1 (only use TLSv1.1),
# TLSv1.1+ (use TLSv1.1 or above), TLSv1.2 (only use TLSv1.2),
# TLSv1.2+ (use TLSv1.2 or above)
# If an "or above" version is used, the best will be negotiated. So if both
# ends are able to do TLSv1.2 and use specify SSLv2, you will get TLSv1.2.
#ssl_version=SSLv2+
# SSL USE ADH
# This is for backward compatibility and is DEPRECATED. Set to 1 to enable
# ADH or 2 to require ADH. 1 is currently the default but will be changed
# in a later version.
#ssl_use_adh=1
# SSL CIPHER LIST
# This lists which ciphers can be used. For backward compatibility, this
# defaults to 'ssl_cipher_list=ALL:!MD5:@STRENGTH' in this version but
# will be changed to something like the example below in a later version of NRPE.
#ssl_cipher_list=ALL:!MD5:@STRENGTH
#ssl_cipher_list=ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH
# SSL Certificate and Private Key Files
#ssl_cacert_file=/etc/ssl/servercerts/ca-cert.pem
#ssl_cert_file=/etc/ssl/servercerts/nagios-cert.pem
#ssl_privatekey_file=/etc/ssl/servercerts/nagios-key.pem
# SSL USE CLIENT CERTS
# This options determines client certificate usage.
# Values: 0 = Don't ask for or require client certificates (default)
# 1 = Ask for client certificates
# 2 = Require client certificates
#ssl_client_certs=0
# SSL LOGGING
# This option determines which SSL messages are send to syslog. OR values
# together to specify multiple options.
# Values: 0x00 (0) = No additional logging (default)
# 0x01 (1) = Log startup SSL/TLS parameters
# 0x02 (2) = Log remote IP address
# 0x04 (4) = Log SSL/TLS version of connections
# 0x08 (8) = Log which cipher is being used for the connection
# 0x10 (16) = Log if client has a certificate
# 0x20 (32) = Log details of client's certificate if it has one
# -1 or 0xff or 0x2f = All of the above
#ssl_logging=0x00
# INCLUDE CONFIG FILE
# This directive allows you to include definitions from an external config file.
#include=<somefile.cfg>
# INCLUDE CONFIG DIRECTORY
# This directive allows you to include definitions from config files (with a
# .cfg extension) in one or more directories (with recursion).
#include_dir=<somedirectory>
#include_dir=<someotherdirectory>
# COMMAND DEFINITIONS
# Command definitions that this daemon will run. Definitions
# are in the following format:
#
# command[<command_name>]=<command_line>
#
# When the daemon receives a request to return the results of <command_name>
# it will execute the command specified by the <command_line> argument.
#
# Unlike Nagios, the command line cannot contain macros - it must be
# typed exactly as it should be executed.
#
# Note: Any plugins that are used in the command lines must reside
# on the machine that this daemon is running on! The examples below
# assume that you have plugins installed in a /usr/local/nagios/libexec
# directory. Also note that you will have to modify the definitions below
# to match the argument format the plugins expect. Remember, these are
# examples only!
# The following examples use hardcoded command arguments...
command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
command[check_hda1]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w 5 -c 10 -s Z
command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w 150 -c 200
# The following examples allow user-supplied arguments and can
# only be used if the NRPE daemon was compiled with support for
# command arguments *AND* the dont_blame_nrpe directive in this
# config file is set to '1'. This poses a potential security risk, so
# make sure you read the SECURITY file before doing this.
#command[check_users]=/usr/lib/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
#command[check_load]=/usr/lib/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
#command[check_disk]=/usr/lib/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
#command[check_procs]=/usr/lib/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
# local configuration:
# if you'd prefer, you can instead place directives here
include=/etc/nagios/nrpe_local.cfg
# you can place your config snipplets into nrpe.d/
# only snipplets ending in .cfg will get included
include_dir=/etc/nagios/nrpe.d/

10
roles/nrpe/files/nrpe_local.cfg Normal file
View File

@@ -0,0 +1,10 @@
######################################
# Do any local nrpe configuration here
######################################
command[check_test_file_100M]=/usr/bin/sudo /usr/lib/nagios/plugins/check_file_age -w 86400 -c 1570000 -W 50000000 -C 10 -f '/home/pi/Documents/smb/test_file_100M'
command[check_test_file_200M]=/usr/bin/sudo /usr/lib/nagios/plugins/check_file_age -w 86400 -c 1570000 -W 100000000 -C 10 -f '/home/pi/Documents/smb/test_file_200M'
command[check_test_file_500M]=/usr/bin/sudo /usr/lib/nagios/plugins/check_file_age -w 86400 -c 1570000 -W 250000000 -C 10 -f '/home/pi/Documents/smb/test_file_500M'
command[check_test_file_1G]=/usr/bin/sudo /usr/lib/nagios/plugins/check_file_age -w 86400 -c 1570000 -W 500000000 -C 10 -f '/home/pi/Documents/smb/test_file_1G'
command[check_root]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /dev/mmcblk0p7
command[check_mem]=/usr/lib/nagios/plugins/check_mem.pl -u -C -w 85 -c 95

38
roles/nrpe/tasks/main.yaml Executable file
View File

@@ -0,0 +1,38 @@
---
- name: Install nrpe and plugins
become: true
apt:
name: "{{ packages }}"
vars:
packages:
- nagios-nrpe-server
- monitoring-plugins
tags: install_nrpe
- name: Copy configuration files
become: true
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
owner: root
group: root
mode: a+x
with_items:
- { src: "{{ role_path }}/files/nrpe.cfg", dest: "/etc/nagios" }
- { src: "{{ role_path }}/files/nrpe_local.cfg", dest: "/etc/nagios" }
- { src: "{{ role_path }}/files/check_mem.pl", dest: "/usr/lib/nagios/plugins" }
tags: configure_nrpe
- name: enable nrpe
become: true
systemd:
name: nagios-nrpe-server
enabled: yes
masked: no
state: restarted
tags: enable_nrpe
- lineinfile:
path: "/etc/sudoers"
state: present
line: "nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/"
validate: "/usr/sbin/visudo -cf %s"
become: true
tags: nagios_sudo