1

This is my first post here, please help me.

I want to monitor a few redhat servers which are behind a squid proxy server. I have done the below configuration:

RedHat Node behind proxy server configuration:- I have installed nrpe and also copied check_disk, check_cpu and check_mem plugins under /usr/lib64/nagios/plugins.

I also added the below lines in /etc/nagios/nrpe.cfg file.

allowed_hosts=127.0.0.1,Squid_Proxy_server_IP command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ command[check_cpu]=/usr/lib64/nagios/plugins/check_cpu -w $ARG1$ -c $ARG2$ command[check_mem]=/usr/lib64/nagios/plugins/check_mem -w $ARG1$ -c $ARG2$ -W $ARG3$ -C $ARG4$

Squid Proxy Server Configuration:- I have also installed nrpe in squid proxy server and copied check_disk, check_cpu, check_mem, check_nrpe and check_ping plugins under /usr/lib64/nagios/plugins. I also added the below lines in /etc/nagios/nrpe.cfg file.

allowed_hosts=127.0.0.1,Nagios_server_IP command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ command[check_cpu]=/usr/lib64/nagios/plugins/check_cpu -w $ARG1$ -c $ARG2$ command[check_mem]=/usr/lib64/nagios/plugins/check_mem -w $ARG1$ -c $ARG2$ -W $ARG3$ -C $ARG4$ command[check_proxy]=/usr/lib64/nagios/plugins/check_nrpe -t 60 -H $ARG1$ -c $ARG2$ -a $ARG3$ $ARG4$ command[check_ping]=/usr/lib64/nagios/plugins/check_ping -H $ARG1$ -w 3000.0,80% -c 5000.0,100% -p 5

If I run the below command from squid proxy server to RedHat server, I can get a correct output.

/usr/local/nagios/libexec/check_nrpe -H RedHat_IP -c check_disk -a 20% 10% /app

Also If I run the below command from nagios server to squid proxy server, I can get a correct output.

/usr/local/nagios/libexec/check_nrpe -H Proxy_server_IP -c check_disk -a 20% 10% /app

But if I run the below command to check the RedHat server status directly from nagios server via Proxy server I get "Error: Unable to read the output".

./check_nrpe -H Proxy_node_IP -c check_proxy -a RedHat_IP_behind_Proxy check_disk "20% 10% /app"

Please help me as it has become quite critical for our environment.

Improve this question
3
  • I don't know details of Nagios, but I doubt that it uses HTTP(S) compatible protocol with its remote communication. Squid is an HTTP(S) proxy, which uses HTTP(S). You should look into SSH tunneling for this use case. Commented Dec 4, 2021 at 7:58
  • You should try running check_nrpe -H Proxy_node_IP (localhost) -c check_proxy -a RedHat_IP_behind_Proxy check_disk "20% 10% /app" from the squid server, and not the nagios server. Hopefully you'll get some more useful feedback on what's failing instead of the generic "unable to read output". Commented Dec 7, 2021 at 13:42
  • NRPE uses TCP port 5666. I doubt you will not be able proxy NRPE through Squid. Is allowing port 5666 through your firewall out of the question? Commented Dec 13, 2021 at 7:06

1 Answer 1

Reset to default
0

do you have issue if check_by_ssh from Nagios?

Squid should be prepared:

acl localnet src X.X.X.X/X

Next, add the SSH port as a safe port by adding the following line:

acl Safe_ports port 22

Improve this answer
2
  • Thanks for the reply... I am using nrpe because SSH is not allowed in our environment. i am also not the owner of squid proxy server. I will discuss your suggested approach with my teamate. Should I add port 5666 as a safe port in squid proxy configuration?. Commented Dec 4, 2021 at 9:07
  • Adding 5666 as a safe port would definitly be worth a try. Commented Dec 4, 2021 at 11:00

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.