source: trunk/server/fedora/config/etc/nagios/nrpe.cfg @ 1849

Last change on this file since 1849 was 1849, checked in by adehnert, 11 years ago
Add check for kernel taints This should allow nagios to alert on things like OOPSes and BUGS. See -i nagios.shining-armor.LOAD.d today for some of the background. Code initially by geofft and slightly updated by me.
File size: 7.9 KB
Line 
1#############################################################################
2# Sample NRPE Config File
3# Written by: Ethan Galstad (nagios@nagios.org)
4#
5# Last Modified: 11-23-2007
6#
7# NOTES:
8# This is a sample configuration file for the NRPE daemon.  It needs to be
9# located on the remote host that is running the NRPE daemon, not the host
10# from which the check_nrpe client is being executed.
11#############################################################################
12
13
14# LOG FACILITY
15# The syslog facility that should be used for logging purposes.
16
17log_facility=daemon
18
19
20
21# PID FILE
22# The name of the file in which the NRPE daemon should write it's process ID
23# number.  The file is only written if the NRPE daemon is started by the root
24# user and is running in standalone mode.
25
26pid_file=/var/run/nrpe.pid
27
28
29
30# PORT NUMBER
31# Port number we should wait for connections on.
32# NOTE: This must be a non-priviledged port (i.e. > 1024).
33# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
34
35server_port=5666
36
37
38
39# SERVER ADDRESS
40# Address that nrpe should bind to in case there are more than one interface
41# and you do not want nrpe to bind on all interfaces.
42# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
43
44#server_address=127.0.0.1
45
46
47
48# NRPE USER
49# This determines the effective user that the NRPE daemon should run as. 
50# You can either supply a username or a UID.
51#
52# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
53
54nrpe_user=nrpe
55
56
57
58# NRPE GROUP
59# This determines the effective group that the NRPE daemon should run as. 
60# You can either supply a group name or a GID.
61#
62# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
63
64nrpe_group=nrpe
65
66
67
68# ALLOWED HOST ADDRESSES
69# This is an optional comma-delimited list of IP address or hostnames
70# that are allowed to talk to the NRPE daemon.
71#
72# Note: The daemon only does rudimentary checking of the client's IP
73# address.  I would highly recommend adding entries in your /etc/hosts.allow
74# file to allow only the specified host to connect to the port
75# you are running this daemon on.
76#
77# NOTE: This option is ignored if NRPE is running under either inetd or xinetd
78
79allowed_hosts=18.187.1.128,18.181.0.65
80 
81
82
83# COMMAND ARGUMENT PROCESSING
84# This option determines whether or not the NRPE daemon will allow clients
85# to specify arguments to commands that are executed.  This option only works
86# if the daemon was configured with the --enable-command-args configure script
87# option. 
88#
89# *** ENABLING THIS OPTION IS A SECURITY RISK! ***
90# Read the SECURITY file for information on some of the security implications
91# of enabling this variable.
92#
93# Values: 0=do not allow arguments, 1=allow command arguments
94
95dont_blame_nrpe=1
96
97
98
99# COMMAND PREFIX
100# This option allows you to prefix all commands with a user-defined string.
101# A space is automatically added between the specified prefix string and the
102# command line from the command definition.
103#
104# *** THIS EXAMPLE MAY POSE A POTENTIAL SECURITY RISK, SO USE WITH CAUTION! ***
105# Usage scenario:
106# Execute restricted commmands using sudo.  For this to work, you need to add
107# the nagios user to your /etc/sudoers.  An example entry for alllowing
108# execution of the plugins from might be:
109#
110# nagios          ALL=(ALL) NOPASSWD: /usr/lib/nagios/plugins/
111#
112# This lets the nagios user run all commands in that directory (and only them)
113# without asking for a password.  If you do this, make sure you don't give
114# random users write access to that directory or its contents!
115
116# command_prefix=/usr/bin/sudo
117
118
119
120# DEBUGGING OPTION
121# This option determines whether or not debugging messages are logged to the
122# syslog facility.
123# Values: 0=debugging off, 1=debugging on
124
125debug=0
126
127
128
129# COMMAND TIMEOUT
130# This specifies the maximum number of seconds that the NRPE daemon will
131# allow plugins to finish executing before killing them off.
132
133command_timeout=60
134
135
136
137# CONNECTION TIMEOUT
138# This specifies the maximum number of seconds that the NRPE daemon will
139# wait for a connection to be established before exiting. This is sometimes
140# seen where a network problem stops the SSL being established even though
141# all network sessions are connected. This causes the nrpe daemons to
142# accumulate, eating system resources. Do not set this too low.
143
144connection_timeout=300
145
146
147
148# WEEK RANDOM SEED OPTION
149# This directive allows you to use SSL even if your system does not have
150# a /dev/random or /dev/urandom (on purpose or because the necessary patches
151# were not applied). The random number generator will be seeded from a file
152# which is either a file pointed to by the environment valiable $RANDFILE
153# or $HOME/.rnd. If neither exists, the pseudo random number generator will
154# be initialized and a warning will be issued.
155# Values: 0=only seed from /dev/[u]random, 1=also seed from weak randomness
156
157#allow_weak_random_seed=1
158
159
160
161# INCLUDE CONFIG FILE
162# This directive allows you to include definitions from an external config file.
163
164#include=<somefile.cfg>
165
166
167
168# INCLUDE CONFIG DIRECTORY
169# This directive allows you to include definitions from config files (with a
170# .cfg extension) in one or more directories (with recursion).
171
172#include_dir=<somedirectory>
173#include_dir=<someotherdirectory>
174
175
176
177# COMMAND DEFINITIONS
178# Command definitions that this daemon will run.  Definitions
179# are in the following format:
180#
181# command[<command_name>]=<command_line>
182#
183# When the daemon receives a request to return the results of <command_name>
184# it will execute the command specified by the <command_line> argument.
185#
186# Unlike Nagios, the command line cannot contain macros - it must be
187# typed exactly as it should be executed.
188#
189# Note: Any plugins that are used in the command lines must reside
190# on the machine that this daemon is running on!  The examples below
191# assume that you have plugins installed in a /usr/local/nagios/libexec
192# directory.  Also note that you will have to modify the definitions below
193# to match the argument format the plugins expect.  Remember, these are
194# examples only!
195
196
197# The following examples use hardcoded command arguments...
198
199#command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
200#command[check_load]=/usr/lib64/nagios/plugins/check_load -w 15,10,5 -c 30,25,20
201#command[check_hda1]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
202#command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -s Z
203#command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200
204
205
206# The following examples allow user-supplied arguments and can
207# only be used if the NRPE daemon was compiled with support for
208# command arguments *AND* the dont_blame_nrpe directive in this
209# config file is set to '1'.  This poses a potential security risk, so
210# make sure you read the SECURITY file before doing this.
211
212command[check_users]=/usr/lib64/nagios/plugins/check_users -w $ARG1$ -c $ARG2$
213command[check_load]=/usr/lib64/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
214command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -A -i ^/mnt
215command[check_disk_p]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
216command[check_procs]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$
217command[check_procs_C]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -C $ARG3$
218command[check_procs_P]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -P $ARG3$
219command[check_procs_m]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -m $ARG3$
220command[check_procs_s]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
221command[check_procs_u]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -u $ARG3$
222command[check_procs_z]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -z $ARG3$
223command[check_afs]=/etc/nagios/check_afs
224command[check_cron_working]=/etc/nagios/check_cron_working
225command[check_ldap_mmr]=/etc/nagios/check_ldap_mmr
226command[check_kern_taint]=/etc/nagios/check_kern_taint
Note: See TracBrowser for help on using the repository browser.