trevor mcdonald - nagios xi under the hood
TRANSCRIPT
![Page 2: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/2.jpg)
Who am I?
●Support Manager, Nagios Enterprises
–tmcdonald on Support Forum
–https://github.com/tmcnag
–NWC2014 - Nagduino
●Non-Work
–World languages
–Computer security
![Page 3: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/3.jpg)
Intro●Scope
–Nagios XI 5 w/ Nagios Core 4.1.1
–ndomod in use
–Bulk mode with NPCD
●Scope (but still mostly valid)
–Pre-2014 XI
–Pre-4 Core
–mod_gearman / DNX / remote agents
![Page 4: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/4.jpg)
Intro●Files
–Flat files–RRD–MySQL–Postgres (sorta)
●Processes
–nagios–ndo2db–cron–npcd
![Page 5: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/5.jpg)
Overview●Check is run
–Exit code & status output stashed
–Performance data split off
–Event handlers and/or notifications launched
●Perfdata processed
–Multi-step process
●Reports, Web GUI, etc.
![Page 6: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/6.jpg)
![Page 7: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/7.jpg)
Check is Run
●Check hits next_check_time (status.dat)
●execvp('/path/to/plugin', *args);
●Results are reaped and passed along
●They look like this
–PING OK - Packet loss = 0%, RTA = 0.40
ms|rta=0.401000ms;400.000000;800.000000;0.000000
pl=0%;40;80;0
![Page 8: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/8.jpg)
Results are Processed
●Exit Code
●Status Output
–Performance Data is included here, everything after the “|”
character
●Not much* done with these
–*That I will be covering today
![Page 9: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/9.jpg)
Exit Code/Status Output
●Goes many places:
–status.dat
–retention.dat
–nagios.log if non-OK
–syslog (optional, enabled by default)
–ndo database (optional*, enabled by default)
![Page 10: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/10.jpg)
Performance Data●Split from status output after “|” character
●Handled by
–Nagios
–Cron
–NPCD
●Also goes many places:
–Flat files – XML files
–Databases – RRD files
![Page 11: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/11.jpg)
Performance Data
![Page 12: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/12.jpg)
Performance Data●Standardized format
'label'=value[UOM];[warn];[crit];[min];[max]
![Page 13: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/13.jpg)
Performance Data●Standardized format
'label'=value[UOM];[warn];[crit];[min];[max]
rta=0.401000ms;400.000000;800.000000;0.000000 pl=0%;40;80;0
![Page 14: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/14.jpg)
Performance Data●Standardized format
'label'=value[UOM];[warn];[crit];[min];[max]
rta=0.401000ms;400.000000;800.000000;0.000000 pl=0%;40;80;0
label value warn crit min
max
rta 0.401000ms 400.000000 800.000000
0.000000
pl 0% 40 80
0
![Page 15: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/15.jpg)
Nagios
●Stores in:
–…/var/[host|service]-perfdata
●Using the form defined by:
–[host|service]_perfdata_file_template
●Then every 15 seconds (by default)–[host|service]_perfdata_file_processing_interval
●Nagios will run:–[host|service]_perfdata_file_processing_command
![Page 16: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/16.jpg)
Nagios
●process-[host|service]-perfdata-file-bulk
●
/bin/mv
…/var/[host|service]-perfdata
…/var/spool/xidpe/$TIMET$.perfdata.[host|service]
![Page 17: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/17.jpg)
Cron
●/usr/local/nagiosxi/cron/perfdataproc.php
●Runs every minute, but in a 55-second loop
●Moves files into …/var/spool/perfdata/
●Also handles Outbound Transfers
![Page 18: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/18.jpg)
NPCD
●Does the real processing legwork
●Every 15 seconds by default:
–…/libexec/process_perfdata.pl
which places processed files into:
–…/share/perfdata/<hostname>/<servicedesc>.rrd
…/share/perfdata/<hostname>/<servicedesc>.xml
![Page 19: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/19.jpg)
NPCD
![Page 20: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/20.jpg)
Event Handlers/Notifications
●Standard Nagios logic takes over
●Event Handlers run on every state change
–Some only take action for certain states
●Notifications run after max_check_attempts
–XI Notification process is…
●Complicated
●Somewhat proprietary
![Page 21: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/21.jpg)
Notifications
●Contacts have notification commands
–notify-[host|service]-by-email
–xi_[host|service]_notification_h
andler
●Core basically just calls sendmail with args
●XI can
–Use SMTP – Set importance
![Page 22: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/22.jpg)
Notifications
●SMTP
–Authenticated, trusted
–Encryption possible
●Importance
–Marks as High-Priority
–Dependent on mail client
![Page 23: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/23.jpg)
Notifications
●SMS
–Convenient
–Faster response times
●Methods
–Warning to email
–Critical to SMS
![Page 24: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/24.jpg)
Notifications
●PHP script
/usr/bin/php
/usr/local/nagiosxi/scripts/handle_nagioscore_notification.php
●Plus tons of arguments
--notification-type
--servicestate
--contact
![Page 25: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/25.jpg)
Notifications
●Pulls user info from db
–MySQL in XI 5
–Postgres in 2014 and older
●Formatted nicely
–Configurable
●Sent via PHPMailer
![Page 26: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/26.jpg)
Reports/GUI●Pull primarily from these files
–nagios.log
–Archived logs in …/var/archives/
–RRD files in …/share/perfdata/…
●And from many db tables, such as
–nagios_acknowledgments
–nagios_statehistory
–nagios_notifications
![Page 27: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/27.jpg)
![Page 28: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/28.jpg)
Thanks To●Scott Wilkerson
–Explaining finer points of XI, general presentation advice
●John Frickson
–Clearing up Core logic
●Amy Lohmann
–Formatting and consistency
●Jesse Olson
–Guinea pig
![Page 29: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/29.jpg)
Thank you!
Any Questions?
![Page 30: Trevor McDonald - Nagios XI Under The Hood](https://reader034.vdocument.in/reader034/viewer/2022052117/58a44bff1a28ab55068b4815/html5/thumbnails/30.jpg)