On Thu, 6 Sep 2012, Joe Prosser wrote: > How do you send passive checks from a remote system?
you configure Nagios to accept passive checks (and have the services defined), which includes starting a NSCA listener daemon. Then on the remote (i.e. SEC) system, you have a nsca sending script that sends the appropriately formatted string to the nagios server. There are many such senders around (some in C, I'm using one I found that's in Perl) and just have the SEC alerting action call a script that formats the alert appropriately. As you can see on this page: http://nagios.sourceforge.net/docs/3_0/passivechecks.html the format of the alert is pretty simple [<timestamp>] PROCESS_SERVICE_CHECK_RESULT;<host_name>;<svc_description>;<return_code>;<plugin_output> or [<timestamp>] PROCESS_HOST_CHECK_RESULT;<host_name>;<host_status>;<plugin_output> just open a TCP connection to the nagios server and send that string. David Lang ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Simple-evcorr-users mailing list Simple-evcorr-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/simple-evcorr-users