Welcome to docs.opsview.com

Differences

This shows you the differences between two versions of the page.

opsview4.6:unix_customise_agent [2014/09/09 12:19]
127.0.0.1 external edit
opsview4.6:unix_customise_agent [2015/06/25 16:29] (current)
pknight Links to ciphers and certificates page.
Line 1: Line 1:
-====== Opsview Unix Agent Customisation ===== +====== Opsview Unix Agent Customisation ======
-The Opsview unix agent package is based upon the NRPE daemon. +
 +The Opsview unix agent package is based upon the NRPE daemon.
===== Communication ===== ===== Communication =====
 +
==== Protocol ==== ==== Protocol ====
 +
However, the NRPE version is patched to allow sending more data than the regular NRPE (usually limited to 1K, but extended with our version to 16K) in a backward compatible way. It is important that you use the check_nrpe plugin delivered with Opsview as this can communicate between a regular NRPE daemon and the Opsview Agent version. However, the NRPE version is patched to allow sending more data than the regular NRPE (usually limited to 1K, but extended with our version to 16K) in a backward compatible way. It is important that you use the check_nrpe plugin delivered with Opsview as this can communicate between a regular NRPE daemon and the Opsview Agent version.
- 
==== Security ==== ==== Security ====
-All NRPE communication is default to sending with encryption on. However, there is no authentication built in to NRPE.+ 
 +All NRPE communication is default to sending with encryption on. In Opsview 4.6.3, we added the [[opsview4.6:opspacks:templates:opsviewagent|ability to change the cipher used, as well as support for SSL certificates]].
It is possible to set an ''allowed_hosts'' variable to only allow connections from specific IP addresses, although this is only a rudimentary security check. We recommend you use firewall rules to determine which IP addresses are allowed to connect. It is possible to set an ''allowed_hosts'' variable to only allow connections from specific IP addresses, although this is only a rudimentary security check. We recommend you use firewall rules to determine which IP addresses are allowed to connect.
Line 18: Line 20:
</code> </code>
-To set the ''allowed_hosts'' variable, create an override file in ''/usr/local/nagios/etc/nrpe_local/override.cfg''. Ensure the nagios user owns the file. +To set the ''allowed_hosts'' variable, create an override file in ''/usr/local/nagios/etc/nrpe_local/override.cfg''. Ensure the nagios user owns the file.
Add the line: Add the line:
Line 30: Line 32:
/etc/init.d/opsview-agent start /etc/init.d/opsview-agent start
</code> </code>
- 
===== Adding New Plugins ===== ===== Adding New Plugins =====
-The unix agents can be modified to add extra plugins as as below. + 
 +The unix agents can be modified to add extra plugins as as below.
Newer agents allow for supplementary packages to be created and installed over the top of the Opsview agent, which enables packaged customisations. Newer agents allow for supplementary packages to be created and installed over the top of the Opsview agent, which enables packaged customisations.
Line 44: Line 46:
<code> <code>
command[<script_name>]=/usr/local/nagios/libexec/nrpe_local/<script_name> $ARG1$ command[<script_name>]=/usr/local/nagios/libexec/nrpe_local/<script_name> $ARG1$
-</code> +</code>
i.e. i.e.
<code> <code>
Line 56: Line 58:
You can set up the service check within Opsview and assign to hosts as normal.  Any upgrade to the agent package should not lose any customisations. You can set up the service check within Opsview and assign to hosts as normal.  Any upgrade to the agent package should not lose any customisations.
- 
Navigation
Print/export
Toolbox