Intégration de la technologie Application NRPE-LDAP


ServicePilot application-nrpe-ldap


# NRPE LDAP Status

Overview

This package is designed to run an NRPE LDAP check and capture its alarm status using NRPE.

Description

This package can be customized to return the status of an check_ldap NRPE command. The status values OK, WARNING, CRITICAL and UNKNOWN.

The NRPE LDAP Status package will support remote NRPE with or without SSL encryption. At the moment only unencrypted connections to the NRPE Agent are supported.

Requirements

  • Network Flows - It is necessary to ensure network connectivity between ServicePilot and the monitored device. In case of a network infrastructure with a firewall, the following flow must be opened:

    • TCP/5666 (NRPE): Between ServicePilot Windows Agent and NRPE host
  • NRPE requirements

  • ServicePilot Requirements

    • ServicePilot Manager minimum version: 8.5
    • ServicePilot Agent minimum version: 8.5 installed and configured

Installation

Before adding a resource to monitor, make certain that all pre-requisites are in place and if a ServicePilot Agent is required, that it is communicating correctly with the ServicePilot Manager.

Add resource using Views Configuration web interface

  1. As an administrative user of ServicePilot, open the ServicePilot web interface.
  2. Navigate to Administration. The Configuration > Views web page will open.
  3. Click on the view in which to place the new resource in the Views hierarchy on the left of the interface. The View editor section will show the existing view contents.
  4. From the Packages list on the right of the interface, click and drag the application-nrpe-ldap package into the View editor and let go.
  5. The Resource properties dialog box will open to allow resource configuration.
  6. Click OK to close the Resource properties dialog box. Note that the dialog box will not close if required parameters are not set.
  7. Click Save to apply the new resource to ServicePilot configuration.

License

Object TypeLicense object ConsumedCondition
NRPE LDAP Status1

Key field notes

All of the LDAP parameters below cannot contain the following list of characters | ` & > < ' \ " [ ] { } ; ! (space) or unix shell command substitutions. In particular the base DN cannot contain spaces and the bind password cannot contain many special characters.

  1. Connection Parameters tab:

    1. NRPE Agent IP address/FQDN: IP address, host name or FQDN for the host runnig the NRPE daemon
    2. NRPE SSL connection: Disable to turn off NRPE connection encryption. The NRPE daemon must match the connection type.
    3. Polling Interval (sec): The polling connection interval. Must be greater than 60 seconds and less 270 seconds.
  2. LDAP Parameters tab:

    1. LDAP IP address/FQDN: IP address, host name or FQDN for the host runnig the LDAP server
    2. LDAP Port: TCP port of the LDAP server. Usually 389 or 636 if LDAP v2 SSL is used.
    3. LDAP IP version: Connect to the LDAP server using either IPv4 or IPv6
    4. LDAP Protocol: The LDAP protocol version as well as the encryption protocol to use
    5. LDAP base DN: The base DN to query. For example DC=company,DC=com
    6. LDAP bind: Does the LDAP server require authentication to perform the search of the base DN specified?
    7. LDAP bind DN: Bind DN or username
    8. LDAP Password: Bind password associated with the DN or username
  3. Alerts tab:

    1. Warning Response time (sec): If the LDAP query takes longer than this value then a warning will be returned
    2. Critical Response time (sec): If the LDAP query takes longer than this value then a critical error will be returned
    3. Timeout (sec): The time to wait before the LDAP query fails

Notes

NRPE SSL encryption will be available in a later release.

NRPE Configuration file parameters

Nagios NRPE and winrpe

For Nagios NRPE or winrpe, the following configuration parameters need to be set correctly:

Nagios NRPE (/etc/nagios/nrpe.cfg) or winrpe (C:\Program Files (x86)\ICW\nrpe.cfg):allowed_hosts=<servicepilot_agent_ip_address>dont_blame_nrpe=1command[check_ldap]=/usr/lib64/nagios/plugins/check_ldap $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$ $ARG6$ $ARG7$ $ARG8$ $ARG9$ $ARG10$ $ARG11$ $ARG12$ $ARG13$ $ARG14$ $ARG15$ $ARG16$ $ARG17$ $ARG18$

When starting the Nagios NRPE deamon, a -n command line parameter needs to be added to run without SSL.

Nagios NRPE (/etc/init.d/nrpe):start() {   echo -n $"Starting $desc ($prog): "   daemon $prog -c "$CONFIG" -n -d

winrpe uses xinetd to start nrpe so the -n command line parameter needs to be added in xinetd configuration to run without SSL.

winrpe (C:\Program Files (x86)\ICW\etc\xinetd.d\nrpe):server = /bin/nrpeserver_args = -n -c /nrpe.cfg --inetd

NSClient++

For NSClient++, the following configuration parameters need to be set correctly:

NSClient++ (C:\Program Files\NSClient++\nsclient.ini):[/settings/default]allowed hosts = <servicepilot_agent_ip_address>[/settings/NRPE/server]insecure = trueuse ssl = falseverify mode = (if required)allow arguments = true[/settings/external scripts]allow arguments = true[/settings/external scripts/scripts]<script_name> = scripts\<script_file> <parameters> (for the scripts to be run)check_ldap = scripts\check_ldap $ARG1$ $ARG2$ $ARG3$ $ARG4$ $ARG5$ $ARG6$ $ARG7$ $ARG8$ $ARG9$ $ARG10$ $ARG11$ $ARG12$ $ARG13$ $ARG14$ $ARG15$ $ARG16$ $ARG17$ $ARG18$[/modules]CheckExternalScripts = 1CheckHelpers = 1NRPEServer = 1

Comment pouvons-nous vous aider ?

ou appelez-nous au +33 2 40 60 13 30