search
top

Installing Nagios Part 1

For the next series we will be discussing installing and configuring Nagios for monitoring. The series will include installing Nagios, plugins, agents and various custom monitors. Also, adding other features including graphing and performance charting. Nagios is a powerful monitoring tools used by many IT departments and has the support of the Open Source community. So let’s get started!

Our choice for OS is Scientific Linux 6.0 which is based on RHEL 6.0, a good stable and enterprise level OS. the current version of Nagios is 3.3.1. There are several pieces to Nagios that we will need to install, the core and plugins. This will give us the base installation we need to get running with Nagios. Once they are installed and configured we will install the agents on the systems we want to monitor.

Logon to your Linux installation and download the Nagios Core and the plugins packages from here.

Prerequisites
During portions of the installation you’ll need to have root access to your machine.
Lets download the following packages on your Fedora / RHEL installation before continuing.

  • Apache
  • PHP
  • GCC compiler
  • GD development libraries

Change to root (sudo su -)

# yum install httpd php
# yum install gcc glibc glibc-common
# yum install gd gd-devel

Create Nagios Account and Group
Create a new nagios user account and give it a password.

# /usr/sbin/useradd -m nagios
# passwd nagios
Create a new nagcmd group for allowing external commands to be submitted through the web interface. Add both the nagios user and the apache user to the group.

# /usr/sbin/groupadd nagcmd
# /usr/sbin/usermod -a -G nagcmd nagios
# /usr/sbin/usermod -a -G nagcmd apache

Change into a directory or make one for downloading the Nagios Core and plugins then download them using the following commands.

Download the source code tarballs of both Nagios and the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest versions). These directions were tested with Nagios 3.3.1 and Nagios Plugins 1.4.15.

# wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.3.1.tar.gz
# wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.15.tar.gz

Now we can extract and compile the code.

# tar xzf nagios-3.3.1.tar.gz
# cd nagios

Run the Nagios configure script, passing the name of the group you created earlier like so:

# ./configure --with-command-group=nagcmd
When the configure completes you will receive a summary.

 

*** Configuration summary for nagios 3.3.1 07-25-2011 ***:

General Options:
————————-
Nagios executable:  nagios
Nagios user/group:  nagios,nagios
Command user/group:  nagios,nagcmd
Embedded Perl:  no
Event Broker:  yes
Install ${prefix}:  /usr/local/nagios
Lock file:  ${prefix}/var/nagios.lock
Check result directory:  ${prefix}/var/spool/checkresults
Init directory:  /etc/rc.d/init.d
Apache conf.d directory:  /etc/httpd/conf.d
Mail program:  /bin/mail
Host OS:  linux-gnu

Web Interface Options:
————————
HTML URL:  http://localhost/nagios/
CGI URL:  http://localhost/nagios/cgi-bin/
Traceroute (used by WAP):  /bin/traceroute
Now let’s start to compile the Nagios Core source code.
# make all

Install binaries, init script, sample config files and set permissions on the external command directory.

# make install
# make install-init
# make install-config
# make install-commandmode
# make install-webconf

Now we have Nagios installed but not started, at this point we need to do a bit of customization.

Customize Configuration
Sample configuration files have now been installed in the /usr/local/nagios/etc directory. These sample files should work fine for getting started with Nagios.

Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email address associated with the nagiosadmin contact definition to the address you’d like to use for receiving alerts.

# vi /usr/local/nagios/etc/objects/contacts.cfg

Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you assign to this account – you’ll need it later.
# htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
# New password:
# Re-type new password:
# Adding password for user nagiosadmin

Restart Apache to make the new settings take effect.
# service httpd restart

Compile and Install the Nagios Plugins

Extract the Nagios plugins source code tarball.

# tar xzf nagios-plugins-1.4.15.tar.gz
# cd nagios-plugins-1.4.15

Compile and install the plugins.
# ./configure --with-nagios-user=nagios --with-nagios-group=nagios
# make
# make install

Start Nagios
Add Nagios to the list of system services and have it automatically start when the system boots.

# chkconfig --add nagios
# chkconfig nagios on

Verify the sample Nagios configuration files. This is very important to find the errors and correct them before starting.

# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Running pre-flight check on configuration data…
Checking services…
Checked 8 services.
Checking hosts…
Checked 1 hosts.
Checking host groups…
Checked 1 host groups.
Checking service groups…
Checked 0 service groups.
Checking contacts…
Checked 1 contacts.
Checking contact groups…
Checked 1 contact groups.
Checking service escalations…
Checked 0 service escalations.
Checking service dependencies…
Checked 0 service dependencies.
Checking host escalations…
Checked 0 host escalations.
Checking host dependencies…
Checked 0 host dependencies.
Checking commands…
Checked 24 commands.
Checking time periods…
Checked 5 time periods.
Checking for circular paths between hosts…
Checking for circular host and service dependencies…
Checking global event handlers…
Checking obsessive compulsive processor commands…
Checking misc settings…

Total Warnings: 0
Total Errors:   0

Things look okay – No serious problems were detected during the pre-flight check
If there are no errors, start Nagios.
# service nagios start

Modify SELinux Settings

Fedora / RHEL ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This can result in “Internal Server Error” messages when you attempt to access the Nagios CGIs.

See if SELinux is in Enforcing mode.
# getenforce

Put SELinux into Permissive mode.
# setenforce 0

To make this change permanent, you’ll have to modify the settings in /etc/selinux/config and reboot.

Instead of disabling SELinux or setting it to permissive mode, you can use the following command to run the CGIs under SELinux enforcing/targeted mode:

# chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
# chcon -R -t httpd_sys_content_t /usr/local/nagios/share/

For information on running the Nagios CGIs under Enforcing mode with a targeted policy, visit the Nagios Support Portal or Nagios Community Wiki.

Login to the Web Interface

You should now be able to access the Nagios web interface at the URL below. You’ll be prompted for the username (nagiosadmin) and password you specified earlier.

http://localhost/nagios/

Click on the “Service Detail” navbar link to see details of what’s being monitored on your local machine. It will take a few minutes for Nagios to check all the services associated with your machine, as the checks are spread out over time.

Now we have the base Nagios installation running. Look for the next part in the series where we will cover installing the agents!

Note: If you have a fresh install of CentOS 6.2 you will run into an issue with iptables blocking incoming port 80 so you will not be able o bring up Nagios console. Thanks to G Hamilton for reminding me of this feature.

To add the exception perform the following steps.

# iptables -I INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# service iptables save
# service iptables restart

7 Responses to “Installing Nagios Part 1”

  1. G Hamilton says:

    Fantastic article “Installing Nagios Part 1”. Will be waiting patiently for Installing Nagios Part 2.

  2. G Hamilton says:

    I set up a Centos v6.2 basic server install then and followed this tutorial to the letter and everything seemed to go quite well. No errors during the entire tutorial. Apache seems to be running as well as Nagios. I disabled SELinux and checked it’s status to be sure it was disabled. However, when I try to navigate to the website via http://myip or http://myip/nagios I get nothing as if Apache is not up. It just time out. I would give http://localhost/nagios a try from the server box but I installed without a GUI so as to have a basic server. Any ideas?

    a.- I can ping the server box
    b.- I can SSH the server box and manage it.
    c.- I am also not connected through a router. Both boxes are on the same switch.
    d.- I have my Win7 firewall disabled on the desktop box.

    • G Hamilton says:

      One more tidbit. Re done everything from scratch including Centos v6.2. I decided it would be best to at least have a minimum GUI for now on the server for now. Then your tutorial which went fine again. This time since I now had a GUI on the server box I tested localhost/nagios and all worked fine. Still does not work from outside box though.

      • newlife007 says:

        I think you are running into an issue I ran into earlier on my system in that iptables by default blocks incoming and outgoing port 80 requests. Try this an see if you can get a login.
        # service iptables stop
        # chkconfig iptables off
        # service httpd restart

        • G Hamilton says:

          Bingo!!! IT WORKED !!! Thanks for the pointer and once again thanks for the great tutorial.

        • G Hamilton says:

          Found a couple other useful commands that was helpful in my case. I wanted to be sure Apache would start automatically in case of power outage and the server rebooted. Used the following.

          [root]# chkconfig –level 2345 httpd on

          Also to make the port 80 open and stick I used the following, and it is all working now after reboot or power fail. Hopefully it is not an unsecured setup, but at the moment I am only testing and not in production mode anyway.

          [root]# iptables -I INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
          [root]# service iptables save
          [root]# service iptables restart

          • newlife007 says:

            I had a feeling it was iptables, after I replied I thought about sending the iptables command but you found it. For production you want to keep iptables and open the ports you need. In my instance I am running in no production so disabling iptables is ok for me. Glad you found it helpful.

Leave a Reply

Your email address will not be published. Required fields are marked *

top