Embed Size (px)
Citation preview
NSClient++ in the new millenium!
(re)Discovering NSClient++Name: Michael
Medin (@mickem)Email:[email protected] Blog: http://blog.medin.name
Project:NSClient++Web: http://nsclient.org
∘•
No disclaimer this year…Still your fault
though!
devworked
in opsa long time ago
not ops
work with “soa”
not, C/C++, nagios, icinga, …
by misstake
Michael Medin
No agenda this year either…
C++Since
2003?
windows
linux and
modular (pluggable)
0.4.0: 2012-05-xx 0.4.1: 2012-
10-xx0.4.2: 2013-02-xx?
About NSClient++ (the program)
<0.4.0
Open source
not open core
Open source
one-man-band
no company sponsori
ng!donations!support?
, no commercial version
, no payed timebut…
Please don’t be angry!
About NSClient++ (the project)
= feedback
Update the wiki! Respond in the
forums…Submit patches
Fork me on github
Submit bug reportsCome
with ideasTell me what
you need!
NSClient++ (What can I do?)
∘•
NSClient++ (What’s new)
∘•
Sockets: ipv6, ssl (true)
Protocols: NRPE, NSCA, NRDP, check_mk, check_nt, Graphite, syslog, smtp
Real-time checks (eventlog, logfiles)
Command line syntax
Thank you!
More then a 1000 words?
∘•
By ~Nac-Mac-Feegle
but it runs on linux
…time for a new logo?…for windows…
∘•
Probably!
apt-get install …git clone git://github.com/mickem/nscp.git
Building on Linux
∘•mkdir build ; cd buildcmake ../nscpmake
Get visual studio (express), python and cmakeDownload unpack nscp source
Building on windows…
∘•python nscp\build\python\fetchdeps.py
--target x64 --cmake-config distcmake ../nscpmsbuild /p:Configuration=RelWithDebInfo NSCP.sln
More then a 1000 words?
∘•
let me worklet nagios/icinga/* rest
…daemon
∘•passive monitoring?
NO!
real-time monitoring?
event based monitoring?
preventive monitoring?
simplified monitoring?
The right way to do monitoring?
Tobias Leeger
More then a 1000 words?
∘•
Check_nt:
no encryption!
Secure monitoring
∘•
Check_nrpe:
no authentication, encryption?Check_
nsca:no (strong) authentication!Check_
mk:no authentication, no encryption!Check_
nrdp:No ecryption (in nsclient++)Check_
nscp:Encryption! Authentication!
Check_nt:
Secure monitoring
∘•
Check_nrpe:Check_nsca:Check_mk:Check_nrdp:Check_nscp:
Encryption! Authentication!
Encryption! Authentication!Encryption! Authentication!Encryption! Authentication!Encryption! Authentication!No ecryption (Yet!)
Ssl (standard)
Strong encryption
Security
∘•Client AND(or) server
Secure?
I hope so…
Certificates Certificate based
authentication
∘•Secure? But you never
know…
I hope so…
Time to get real…
∘•
DEMO: Using NSClient++
nscp Display all(?) available contextnscp --help Get help (can be used in many places)nscp <context or alias> [options] [-- [module options]]
General usage syntax
General usage
help Get helpclient Act as a client. (think check_nrpe)
Usually aliases we can use instead.service (un)Install and display windows service settingsWork with configurationtestFind errors and problemsunitRun unit test scripts
Contexts
lua Run lua scriptspython Run python scriptsnrpe Think check_nrpensca Think send_nscasys Nice pdh front-end (more to come)wmi WMI front endeventlog Add event log message from command line
Aliases
nscp settings --helpnscp settings --add-missing --generate [--load-all]
Will update your configuration with ALL keys
nscp settings --add-missing --activate-module <module>
Great way to "enable a new module“nscp settings --remove-defaults --generate
Will remove all default keys/sections
nscp settings --validateShow problems with the settings file
Settings (Configuration)
nscp nrpe -- --helpThe -- is important
nscp nrpe -- -H 127.0.0.1 -c foo -a foo bar
Execute nrpe query from nsclient++0.4.2 will introduce:
nrpe_client -H 127.0.0.1 -c foo -a foo barnsca_client ……_client …
check_nrpe
Time to get real…
∘•
DEMO: real-time log file monitoring
CheckLogFileSubscribes to filechanges
SimpleFileWriterWrite notifications to file
NSCAClientSubmit NSCA messages
Modules
NSCA
FILE SimpleFileWriter
NSCAClientCheckLogFile NSCP
[/modules]CheckLogFile = enabledSimpleFileWriter = enabled[/settings/logfile/real-time/checks/sample]critical = column2 like 'crit'destination = FILEfile = ./test.txtfilter = column1 like 'hello'warning = column2 like 'warn'[/settings/logfile/real-time]enabled = true
Resulting config from DEMO
[/settings/logfile/real-time]enabled = true[/settings/NSCA/client/targets/default]address = 127.0.0.1encryption = xorpassword = secret
Resulting config from DEMO
[/modules]CheckLogFile = enabledNSCAClient = enabledSimpleFileWriter = enabled[/settings/logfile/real-time/checks/sample]critical = column2 like 'crit'destination = FILE,NSCAfile = ./test.txtfilter = column1 like 'hello'warning = column2 like 'warn'
./nscp testtail –f ./output.txtecho –e “hello\tworld”echo –e “hello\twarn”echo –e “hello\tcrit”
Run the following
Time to get real…
∘•
DEMO: real-time log file monitoring…
…via NRPE?
CheckLogFileSubscribes to filechanges
SimpleCacheStore our result
NRPEClientAccept remote checks (if there is
time)
Modules
CACHE SimpleCacheCheckLogFile NSCP
NRPEServer
[/settings/logfile/real-time]enabled = true[/settings/NSCA/client/targets/default]address = 127.0.0.1encryption = xorpassword = secret
Resulting config from DEMO
[/modules]CheckLogFile = enabledNSCAClient = enabledSimpleFileWriter = enabledSimleCache = enabled[/settings/logfile/real-time/checks/sample]critical = column2 like 'crit'destination = FILE,NSCA,CACHEfile = ./test.txtfilter = column1 like 'hello'warning = column2 like 'warn'
./nscp testecho –e “hello\tworld”echo –e “hello\twarn”echo –e “hello\tcrit”In nsclient console execute:check_cache index=sample
Run the following
Photo by Olga Berrios
Q&A
Michael [email protected]
http://www. .com/in/mickemhttp://blog.medin.name/
Information about NSClient++http://nsclient.org
facebook.com/nsclient
Slides, and exampleshttp://nsclient.org/nscp/conferances/osmc/2012/
Thank You!
