Re: [Nagios-users] check_ping strange behavior with google

2012-06-08 Thread Jake Xu 
Thank you Holger. That fixes a red light for me!

On Thu, Jun 7, 2012 at 11:21 PM, Cosmin Neagu wrote:

> You were right. It need to be told to use ipv4 with -4 switch.
> Thanks
>
>  Cosmin Neagu
>  NOC Team Leader
>  Str. I. G. Duca nr. 36
>  Otopeni, Judetul Ilfov, 075100 Romania
>  www.omnilogic.ro
>
>
> On 06/07/2012 11:32 PM, Holger Weiß wrote:
> > * Travis Runyard  [2012-06-07 13:18]:
> >> It does work but I was using google.com which doesn't. Strange because
> >> it is pingable but returns network unreachable with check_ping.
> > See my initial reply in this thread:
> >
> > | The hostname www.google.ro now¹ also resolves to an IPv6 address, and
> > | check_ping has issues with IPv6 dependending on the ping6(1)
> > | implementation used.  These issues will hopefully be fixed in the next
> > | release of the Nagios Plugins; until then, "check_ping -4 [...]" should
> > | do the trick.
> >
> > [ http://article.gmane.org/gmane.network.nagios.user/73851 ]
> >
> > Holger
> >
> >
> --
> > Live Security Virtual Conference
> > Exclusive live event will cover all the ways today's security and
> > threat landscape has changed and how IT managers can respond. Discussions
> > will include endpoint security, mobile security and the latest in malware
> > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> > ___
> > Nagios-users mailing list
> > Nagios-users@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nagios-users
> > ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> > ::: Messages without supporting info will risk being sent to /dev/null
>
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

[Nagios-users] Graph url being changed.

2012-06-08 Thread durwin 
I have installed Fedora 17 and copied my Fedora 15 configuration files 
over.  Nagios works, data is collected.  However, when I click the icon to 
display pnp4nagios graph I find my url has been changed and of course it 
can't find what it is suppose to display.  Below you  can see under Fedroa 
17 label that the next line has changed.  Under Fedora 15 label, it is 
unchanged.   I can image something in configuration has changed, but what? 
 I am using the same nagios.conf in httpd/conf.d/.


FEDORA 17
172.23.93.249 - nagios [08/Jun/2012:14:01:26 -0600] "GET 
/nagios/pnp4nagios/index.php?host=comcast&srv=Packet%20Loss HTTP/1.1" 302 
90 "http://172.23.93.6/nagios/cgi-bin//status.cgi?host=all"; "Mozilla/5.0 
(Windows NT 5.1; rv:10.0.2) Gecko/20100101 Firefox/10.0.2"
172.23.93.249 - nagios [08/Jun/2012:14:01:26 -0600] "GET 
/nagios/pnp4nagios/graph HTTP/1.1" 404 298 "
http://172.23.93.6/nagios/cgi-bin//status.cgi?host=all"; "Mozilla/5.0 
(Windows NT 5.1; rv:10.0.2) Gecko/20100101 Firefox/10.0.2"


FEDORA 15
172.23.93.249 - nagios [08/Jun/2012:14:01:29 -0600] "GET 
/nagios/pnp4nagios/index.php?host=comcast&srv=Packet%20Loss HTTP/1.1" 200 
12319 "http://172.23.93.7/nagios/cgi-bin//status.cgi?host=all"; 
"Mozilla/5.0 (Windows NT 5.1; rv:10.0.2) Gecko/20100101 Firefox/10.0.2"
172.23.93.249 - nagios [08/Jun/2012:14:01:30 -0600] "GET 
/nagios/pnp4nagios/index.php?host=comcast&srv=Packet_Loss&source=2&view=2&end=1339185689&display=image
 
HTTP/1.1" 200 12938 "
http://172.23.93.7/nagios/pnp4nagios/index.php?host=comcast&srv=Packet%20Loss
" "Mozilla/5.0 (Windows NT 5.1; rv:10.0.2) Gecko/20100101 Firefox/10.0.2"


Thank you,

Durwin


This email message and any attachments are for the sole use of the 
intended recipient(s) and may contain proprietary and/or confidential 
information which may be privileged or otherwise protected from 
disclosure. Any unauthorized review, use, disclosure or distribution is 
prohibited. If you are not the intended recipient(s), please contact the 
sender by reply email and destroy the original message and any copies of 
the message as well as any attachments to the original message.--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] monitor number of open files on linux

2012-06-08 Thread Parkman, Mikhail 
Thank you, Allan -  yes this so obvious after you spelled it out for met.
Somehow I was thinking in the absolute numbers of open files instead of % of 
total.

From: Allan Clark [mailto:all...@chickenandporn.com]
Sent: Friday, June 08, 2012 2:09 PM
To: Nagios Users List
Subject: Re: [Nagios-users] monitor number of open files on linux

On Fri, Jun 8, 2012 at 1:53 PM, Parkman, Mikhail 
mailto:mikhail_park...@cable.comcast.com>> 
wrote:
Thanks - I decided to go with check_open_files.pl
http://exchange.nagios.org/directory/Plugins/Uncategorized/Operating-Systems/Linux/check-open-files/details

I didn't find help_me/read_me info for this plugin.
After I installed it on the target box into /usr/local/nagios/libexec and just 
executed it, I got:
--
[root@target_host libexec]# ./check_open_files.pl
Usage:  -w  -c  [-t ] [-v version] [-h help]
[root@target_host libexec]#
==
That told me that I should run it at least with "-w some_value1 -c some_value2"
Then I tried to run it with different -w -c values and I am not clear why I am 
getting different threshold values (bold, red) :
===
[root@ target_host libexec]# ./check_open_files.pl  
-w 500 -c 1
OK: open files (4590) is below threshold 
(16194515/323890300)|open_files=4590;16194515;323890300
[root@ target_host libexec]# ./check_open_files.pl 
-w 1000 -c 1
OK: open files (4590) is below threshold 
(32389030/323890300)|open_files=4590;32389030;323890300
[root@ target_host libexec]# ./check_open_files.pl 
-w 10 -c 100
OK: open files (4590) is below threshold 
(323890/3238903)|open_files=4590;323890;3238903
===
Why do I get in response 2 threshold values and why are they different each 
time I enter another number of warning and critical limits?

Clearly, in general terms compared to other plugins:

1) you're getting "OK" because 4590 is less than the thresholds you've set; had 
it exceeded 323890 (in the -w10 example) then you'd get WARN, and if it 
exceeded the other, an ERROR response.  The actual thresholds are returned back 
because they are based on a calculation, and when the values are below, but the 
suer thinks they shouldn't be, the Nagios/Icinga screen would show the ref 
values as well as a comment.

2) your question as to why the numbers change might be more complex than I'm 
reading, but it's clearly taking % of total system files as a threshold:

-w 500 --> 500% of (cat /proc/sys/fs/file-max) ==> 16194515
-c 1 --> 1% of (cat /proc/sys/fs/file-max) ==> 323890300

Have I misread your question(s)?

I would suggest you set your thresholds to alarm on percentages; I'm not sure 
50% and 80% are good numbers, but "-w 50 -c 80" would achieve those.

Allan
--
all...@chickenandporn.com  "金鱼" 
http://linkedin.com/in/goldfish
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] monitor number of open files on linux

2012-06-08 Thread Allan Clark 
On Fri, Jun 8, 2012 at 1:53 PM, Parkman, Mikhail <
mikhail_park...@cable.comcast.com> wrote:

>  Thanks - I decided to go with check_open_files.pl
> *
> http://exchange.nagios.org/directory/Plugins/Uncategorized/Operating-Systems/Linux/check-open-files/details
> *
>
> I didn't find help_me/read_me info for this plugin.
> After I installed it on the target box into /usr/local/nagios/libexec and
> just executed it, I got:
> --
> [root@target_host libexec]# ./check_open_files.pl
> Usage:  -w  -c  [-t ] [-v version] [-h help]
> [root@target_host libexec]#
> ==
> That told me that I should run it at least with "-w some_value1 -c
> some_value2"
> Then I tried to run it with different -w -c values and I am not clear why
> I am getting different threshold values (bold, red) :
> ===
> [root@ target_host libexec]# ./check_open_files.pl  -w 500 -c 1
> OK: open files (4590) is below threshold (*16194515/323890300*
> )|open_files=4590;*16194515;323890300*
> [root@ target_host libexec]# ./check_open_files.pl -w 1000 -c 1
> OK: open files (4590) is below threshold (*32389030/323890300*
> )|open_files=4590;*32389030;323890300*
> [root@ target_host libexec]# ./check_open_files.pl -w 10 -c 100
> OK: open files (4590) is below threshold (*323890/3238903*
> )|open_files=4590;*323890;3238903*
> ===
> Why do I get in response 2 threshold values and why are they different
> each time I enter another number of warning and critical limits?
>

Clearly, in general terms compared to other plugins:

1) you're getting "OK" because 4590 is less than the thresholds you've set;
had it exceeded 323890 (in the -w10 example) then you'd get WARN, and if it
exceeded the other, an ERROR response.  The actual thresholds are returned
back because they are based on a calculation, and when the values are
below, but the suer thinks they shouldn't be, the Nagios/Icinga screen
would show the ref values as well as a comment.

2) your question as to why the numbers change might be more complex than
I'm reading, but it's clearly taking % of total system files as a threshold:

-w 500 --> 500% of (cat /proc/sys/fs/file-max) ==> 16194515
-c 1 --> 1% of (cat /proc/sys/fs/file-max) ==> 323890300

Have I misread your question(s)?

I would suggest you set your thresholds to alarm on percentages; I'm not
sure 50% and 80% are good numbers, but "-w 50 -c 80" would achieve those.

Allan
-- 
all...@chickenandporn.com  "金鱼" http://linkedin.com/in/goldfish
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] monitor number of open files on linux

2012-06-08 Thread Parkman, Mikhail 
Thanks - I decided to go with check_open_files.pl
http://exchange.nagios.org/directory/Plugins/Uncategorized/Operating-Systems/Linux/check-open-files/details

I didn't find help_me/read_me info for this plugin.
After I installed it on the target box into /usr/local/nagios/libexec and just 
executed it, I got:
--
[root@target_host libexec]# ./check_open_files.pl
Usage:  -w  -c  [-t ] [-v version] [-h help]
[root@target_host libexec]#
==
That told me that I should run it at least with "-w some_value1 -c some_value2"
Then I tried to run it with different -w -c values and I am not clear why I am 
getting different threshold values (bold, red) :
===
[root@ target_host libexec]# ./check_open_files.pl  -w 500 -c 1
OK: open files (4590) is below threshold 
(16194515/323890300)|open_files=4590;16194515;323890300
[root@ target_host libexec]# ./check_open_files.pl -w 1000 -c 1
OK: open files (4590) is below threshold 
(32389030/323890300)|open_files=4590;32389030;323890300
[root@ target_host libexec]# ./check_open_files.pl -w 10 -c 100
OK: open files (4590) is below threshold 
(323890/3238903)|open_files=4590;323890;3238903
===
Why do I get in response 2 threshold values and why are they different each 
time I enter another number of warning and critical limits?
===
By the way, total system files limits on the target box is:

 [root@ target_host libexec]# cat /proc/sys/fs/file-max
3238903
===
Thanks.
-Original Message-
From: Edwin Zoeller 
[mailto:edwin.zoel...@ama-assn.org]
Sent: Friday, June 08, 2012 8:47 AM
To: Nagios Users List
Subject: Re: [Nagios-users] monitor number of open files on linux

Check_open_files.pl

-Original Message-
From: Parkman, Mikhail 
[mailto:mikhail_park...@cable.comcast.com]
Sent: Friday, June 08, 2012 10:20 AM
To: Nagios Users List
Subject: [Nagios-users] monitor number of open files on linux

Can somebody recommend plugin to monitor number of opened files.

Thanks.


--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat 
landscape has changed and how IT managers can respond. Discussions will include 
endpoint security, mobile security and the latest in malware threats. 
http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue.
::: Messages without supporting info will risk being sent to /dev/null

--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat 
landscape has changed and how IT managers can respond. Discussions will include 
endpoint security, mobile security and the latest in malware threats. 
http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue.
::: Messages without supporting info will risk being sent to /dev/null

--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] monitor number of open files on linux

2012-06-08 Thread Alex Griffin 
A quick search turned up 2 plugins that would do the job on Linux, 
check_open_files and check_linux_stats.

[1]: 
http://exchange.nagios.org/index.php?option=com_mtree&task=search&Itemid=74&searchword=open%20files

On Windows I would bet WMI exports that information somehow.

Alex Griffin
---
Tech Team
agrif...@nagios.com

On 06/08/2012 10:20 AM, Parkman, Mikhail wrote:
> Can somebody recommend plugin to monitor number of opened files.
>
> Thanks.
>
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting 
> any issue.
> ::: Messages without supporting info will risk being sent to /dev/null

--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] monitor number of open files on linux

2012-06-08 Thread Edwin Zoeller 
Check_open_files.pl

-Original Message-
From: Parkman, Mikhail [mailto:mikhail_park...@cable.comcast.com] 
Sent: Friday, June 08, 2012 10:20 AM
To: Nagios Users List
Subject: [Nagios-users] monitor number of open files on linux

Can somebody recommend plugin to monitor number of opened files.

Thanks.


--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and threat 
landscape has changed and how IT managers can respond. Discussions will include 
endpoint security, mobile security and the latest in malware threats. 
http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] monitor number of open files on linux

2012-06-08 Thread Assaf Flatto 
check for check_lsof or check_openfiles on monitorexchange.com




On 08/06/12 16:20, Parkman, Mikhail wrote:
> Can somebody recommend plugin to monitor number of opened files.
>
> Thanks.
>
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting 
> any issue.
> ::: Messages without supporting info will risk being sent to /dev/null


--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] monitor number of open files on linux

2012-06-08 Thread Alex Dehaini 
I would think you can pass regular commands via ssh to do that.


On Fri, Jun 8, 2012 at 11:20 AM, Parkman, Mikhail <
mikhail_park...@cable.comcast.com> wrote:

> Can somebody recommend plugin to monitor number of opened files.
>
> Thanks.
>
>
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

[Nagios-users] monitor number of open files on linux

2012-06-08 Thread Parkman, Mikhail 
Can somebody recommend plugin to monitor number of opened files.

Thanks.


--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] Disk Partitioning for Nagios

2012-06-08 Thread VictorSanchez2 
On 08/06/12 16:40, Alex Griffin wrote:
> I don't think it's really necessary to have a separate /usr or /boot
> partition. GRUB2 can boot from LVM partitions these days. 2 GB also
> seems excessive for a /tmp partition.
>
> In all honesty it doesn't actually matter as much as a lot of people
> think it does. There are some setups which are obviously brain dead, but
> much of it comes down to personal preference too. Using LVM will allow
> you to flexibly change your partitions as your needs shift, so you
> should definitely use that if you're unsure of your needs.
>
> Alex Griffin
> ---
> Tech Team
> agrif...@nagios.com
>
> On 06/07/2012 02:31 AM, Victor Sanchez2 wrote:
>> Hi Faiz,
>>
>> the more important things are about database and performace. If you are
>> going to work with NDOUtils for example and MySQL, the best option is to
>> create a new and independent mount point depending on the data retention
>> that you need. Then /var/lib/mysql could be a good option.
>>
>> For performance, if you are going to work with pnp4nagios for example, a
>> good option is an independent mount point for /var/lib/pnp4nagios.
>>
>> And for global configuration, you can create the following for example:
>>
>> 250MB - /boot  (out of the LVM)
>> LVM
>> XXX - swap (depending on your requirements)
>> 2GB  /tmp
>> 10GB /usr
>> 8GB   /var
>> 4GB   /home (it depends on that you want to do)
>> XXX  /opt  (if you don't need more "external" software, probably
>> you don't need it with a big reserve)
>> 2GB  /
>>
>> 50GB  /var/lib/mysql
>> 30GB  /var/lib/pnp4nagios
>>
>> Also, if you are going to work with SVN to save the .cfg files versions,
>> you probably need a new mount point for this to separate it.
>>
>> This is a example, it depends on each time. If you can, separete the
>> important things in different mount points and maintain an standard
>> operating system partitioning.
>>
>> Best regards,
>>   Víctor.
>>
>>
>> On 7 June 2012 08:25, Muhamad Faiz> >  wrote:
>>
>>  Hi guys, 
>>
>>  __ __
>>
>>  I’m not sure if this question has been asked before but I can’t find
>>  anything about this. What is the recommended partitioning scheme in
>>  Linux (ie Redhat) suitable for Nagios implementation? How much
>>  percentage for /, 40% for /var or what not. Please advice.
>>
>>  __ __
>>
>>  Thanks.
>>
>>  __ __
>>
>>  - Faiz
>>

Hi Alex,

Probably I'm agree with you, but there is a lot of important things and 
is only a general example, I don't know the distribution or version.

For example, Grub2 with a huge disks could have problems. Also, Grub2 
with LVM and XFS filesystems or LVM and cipher partions could have 
problems is several versions.

Also, a small /tmp with an third party application with problems could 
fill your filesystem with million of files, and also there is a lot of 
tasks that could fill it generating logs, tcpdumps, etc. 2GB there 
aren't a lot and could help you to avoid this.

I'm my opinion, for enterprise purposes, I prefer /boot without LVM and 
a little on /tmp to avoid problems with external applications or people 
that could use /tmp to generate logs or another things.

I repeat, all of this is only an example, each one could prefer one 
thing or another. Each environment is different.

Best regards,
Víctor.

--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Re: [Nagios-users] Disk Partitioning for Nagios

2012-06-08 Thread Alex Griffin 
I don't think it's really necessary to have a separate /usr or /boot 
partition. GRUB2 can boot from LVM partitions these days. 2 GB also 
seems excessive for a /tmp partition.

In all honesty it doesn't actually matter as much as a lot of people 
think it does. There are some setups which are obviously brain dead, but 
much of it comes down to personal preference too. Using LVM will allow 
you to flexibly change your partitions as your needs shift, so you 
should definitely use that if you're unsure of your needs.

Alex Griffin
---
Tech Team
agrif...@nagios.com

On 06/07/2012 02:31 AM, Victor Sanchez2 wrote:
> Hi Faiz,
>
> the more important things are about database and performace. If you are
> going to work with NDOUtils for example and MySQL, the best option is to
> create a new and independent mount point depending on the data retention
> that you need. Then /var/lib/mysql could be a good option.
>
> For performance, if you are going to work with pnp4nagios for example, a
> good option is an independent mount point for /var/lib/pnp4nagios.
>
> And for global configuration, you can create the following for example:
>
> 250MB - /boot  (out of the LVM)
> LVM
>XXX - swap (depending on your requirements)
>2GB  /tmp
>10GB /usr
>8GB   /var
>4GB   /home (it depends on that you want to do)
>XXX  /opt  (if you don't need more "external" software, probably
> you don't need it with a big reserve)
>2GB  /
>
>50GB  /var/lib/mysql
>30GB  /var/lib/pnp4nagios
>
> Also, if you are going to work with SVN to save the .cfg files versions,
> you probably need a new mount point for this to separate it.
>
> This is a example, it depends on each time. If you can, separete the
> important things in different mount points and maintain an standard
> operating system partitioning.
>
> Best regards,
>  Víctor.
>
>
> On 7 June 2012 08:25, Muhamad Faiz  > wrote:
>
> Hi guys, 
>
> __ __
>
> I’m not sure if this question has been asked before but I can’t find
> anything about this. What is the recommended partitioning scheme in
> Linux (ie Redhat) suitable for Nagios implementation? How much
> percentage for /, 40% for /var or what not. Please advice.
>
> __ __
>
> Thanks.
>
> __ __
>
> - Faiz
>
> __ __
>
> "CONFIDENTIALITY NOTICE: This message and any attachment are
> confidential and may also be privileged. If you are not the intended
> recipient of this e-mail you may not copy, forward, disclose or
> otherwise use it or any part of it in any form whatsoever. If you
> are not the intended recipient please telephone or e-mail the sender
> and delete this message and any attachment from your system."
>
>
> 
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond.
> Discussions
> will include endpoint security, mobile security and the latest in
> malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> 
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
>
>
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
>
>
>
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting 
> any issue.
> ::: Messages without supporting info will risk being sent to /dev/null

--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nag

Re: [Nagios-users] Monitoring Cisco IDS/IPS SSM Modules

2012-06-08 Thread RichTea 
On Wed, Jun 6, 2012 at 2:16 AM, Joseph Hardeman wrote:

> Hi Eero,
>
> I had to go to the archives on SourceForge to see your reply.  I am not
> getting emails from the list.
>
> No, unfortunitely that won't work.  I am looking for a plugin that will
> query the SSM IPS module for any security breach attempts or that will
> monitor a log file from syslog-ng capturing the SSM syslog data and will
> then send either an SNMP trap or trigger a passive alert.
>
>
If you are happy to "tail" the syslog you can just use the Nagios check_log
plugin.
With a custom service. i see from the above the syslog file in on the
Nagios server.

some sort of service like this applied to the device.

define service {
name check_local_syslog
command $USER1$/check_log --filename=/path/to/syslog/$HOSTNAME$ -some
other option (sorry i dont have access to man at the moment)
}

--
<-- http://23.me.uk/2 -->
<--Time flies like an arrow; fruit flies like a banana.  -->

> I found where people talk about monitoring their Cisco devices that have
> SSM IPS modules, but no examples so far.
>
> Thanks for thinking of that app. :-)
>
> Joe
>
>
> On Tue, Jun 5, 2012 at 12:51 AM, Joseph Hardeman wrote:
>
>> Hi Everyone,
>>
>> I have been looking around and am hoping that someone can help me out.  I
>> recently got a Cisco 5520 with a SSM-20 module (latest code and Signatures)
>> that I need to start monitoring.  I have been looking but I have not found
>> a script that will help me monitor this via SNMP.
>>
>> We are looking to use Nagios to capture any security breachs or attempts
>> that are captured by the SSM module and its analysis engine.
>>
>> We do have this device sending Syslog data to the Nagios system, so if
>> there is a way to parse or tail this log to watch for the events that would
>> be helpful too.
>>
>> Thanks in advance.
>>
>> Joe
>>
>
>
>
> --
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and
> threat landscape has changed and how IT managers can respond. Discussions
> will include endpoint security, mobile security and the latest in malware
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
> ___
> Nagios-users mailing list
> Nagios-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when
> reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>
--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

[Nagios-users] Peter Shankland is out of the office.

2012-06-08 Thread Peter . Shankland 

I will be out of the office starting  08/06/2012 and will not return until
11/06/2012.




 Peter Shankland
 TECHNICAL NETWORK SPECIALIST
 IT DEPARTMENT
 DD:+44 (0) 1952 205160
 F:+44 (0) 1952 213100
 M:+44 (0) 7919 444077
 E: peter.shankl...@ricoh-rpl.com

(Embedded image moved to file: pic28433.gif)

 Ricoh UK Products Limited
 Priorslee | Telford | Shropshire | TF2 9NS
 T: +44 (0) 1952 290090
 (Embedded image moved to file: pic29869.gif)
Please do not print this email unless absolutely necessary in order to save
paper and energy, and you will contribute to resource conservation and CO2
reduction. This email including attachments is intended for the
addressee(s) only. It may be labelled confidential/ private and contain
confidential/private information. Please respect the wishes of the sender
in the way you treat this email and the information contained within. If in
doubt clarify the wishes of the sender before acting. If you have received
this email in error, you may not review, copy or forward this message in
whole or in part. Ricoh UK Products employees should delete from their
system and notify us of the error via the ISMS Security Incident Reporting
database. External recipients should delete from their system and alert us
via email, advising the name of the sender and the time and date of
receipt. Any views expressed in this email may not necessarily reflect
those of Ricoh UK Products Ltd. You should ensure that the onward
transmission, opening or use of this message or attachments will not
adversely affect your system or data and carry out anti-virus checks before
downloading. Internet communications are not secure and therefore Ricoh UK
Products Ltd accepts no responsibility for any direct, indirect or
consequential damage resulting from the transmission of this message.

Registered in England No. 1763860
Registered Office: Ricoh UK Products Limited, Priorslee, Telford,
Shropshire, TF2 9NS<><>--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/___
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null