Filter
Top Products
Chapter 10: Nagios Integration
724-746-5500 | blackbox.com
103
use generic-service
check_command check_conn_via_Black Box!tcp!22
active_checks_enabled 0
passive_checks_enabled 1
}
define servicedependency{
name Black Box_nrpe_daemon_dep
host_name Black Box
dependent_host_name server
dependent_service_description SSH Port
service_description NRPE Daemon
execution_failure_criteria w,u,c
}
10.4.2 Basic Nagios Plug-Ins
Plug-ins are compiled executables or scripts that can be scheduled to run on the console server to check the status of a connected host or service.
This status is then communicated to the upstream Nagios server that uses the results to monitor the current status of the distributed network. Each
console server is preconfigured with a selection of the checks that are part of the Nagios plug-ins package:
check_tcp and check_udp are used to check open ports on network hosts
check_ping is used to check network host availability
check_nrpe is used to execute arbitrary plug-ins in other devices
Each console server is preconfigured with two checks that are specific to Black Box:
check_serial_signals is used to monitor the handshaking lines on the serial ports
check_port_log is used to monitor the data logged for a serial port.
10.4.3 Number of Supported Devices
Ultimately the number of devices any particular console server can support depends upon the number of checks made, and how often they are
performed. Access method will also play a part. The table below shows the performance of three of the console servers:
Time No encryption 3DES SSH tunnel
NSCA for single check ~ ½ second ~ ½ second ~ ½ second
NSCA for 100 sequential checks 100 seconds 100 seconds 100 seconds
NSCA for 10 sequential checks, batched upload 1 ½ seconds 2 seconds 1 second
NSCA for 100 sequential checks, batched upload 7 seconds 11 seconds 6 seconds
No encryption SSL no encryption -
tunneled over existing
SSH session
NRPE time to service 1 check 1/10
th
second 1/3
rd
second 1/8
th
second
NRPE time to service 10 simultaneous
checks
1 second 3 seconds 1 ¼ seconds
Maximum number of simultaneous checks
before timeouts
30 20 (1,2 and 8) or 25
(16 and 48 port)
25 (8 port), 35 (16 and
48 port)
The results were from running tests 5 times in succession with no timeouts on any runs. There are a number of ways to increase the number of
checks you can do.
Usually when using NRPE checks, an individual request will need to set up and tear down an SSL connection. This overhead can be avoided by
setting up an SSH session to the console server and tunneling the NRPE port. This allows the NRPE daemon to run securely without SSL encryption,
because SSH will provide the security.
When the console server submits NSCA results, it staggers them over a certain time period (for example, 20 checks over 10 minutes will result in
two check results every minute). Staggering the results like this means that if the power fails or other incident causes multiple problems, the
individual freshness checks will be staggered too.
NSCA checks are also batched. In the previous example, the two checks per minute are sent through in a single transaction.