来自:网络
上线的服务器有时会被人攻击,导致服务不可用,今天安装配置了nagios对上线服务器进行监控,简单记录一下 nagios安装
[ /jeremyxu2010/blog/281151#]?[/url]
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
| #安装必要的软件包 yum install -y gcc glibc glibc-common gd gd-devel xinetd openssl-devel #创建nagios用户及授予目录权限
useradd -s /sbin/nologin nagios mkdir /usr/local/nagios chown -R nagios.nagios /usr/local/nagios #安装nagios
tar xf nagios-4.0.7.tar.gz cd nagios-4.0.7
./configure --prefix=/usr/local/nagios make all make install && make install-init && make install-commandmode && make install-config
chkconfig --add nagios && chkconfig --level 35 nagios on && chkconfig --list nagios #安装nagios-plugins
tar xf nagios-plugins-2.0.2.tar.gz cd nagios-plugins-2.0.2
./configure --prefix=/usr/local/nagios make && make install #安装apache
tar xf httpd-2.2.23.tar.gz cd httpd-2.2.23
./configure --prefix=/usr/local/apache2 make && make install #安装php
tar xf php-5.5.13.tar.gz cd php-5.5.13
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs make && make install
|
接下来配置apache
[ /jeremyxu2010/blog/281151#]?[/url]
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
| #生成nagios密码文件
/usr/local/apache2/bin/htpasswd -c /usr/local/nagios/etc/htpasswd admin
vim /usr/local/apache2/conf/httpd.conf
...
User nagios
Group nagios
...
<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>
...
AddType application/x-httpd-php .php
... #setting for nagios ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin" 开源监控软件 <Directory "/usr/local/nagios/sbin">
AuthType Basic
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd //用于此目录访问身份验证的文件
Require valid-user
</Directory> Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
AuthType Basic
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "nagios Access"
AuthUserFile /usr/local/nagios/etc/htpasswd
Require valid-user
</Directory>
#启动apache vim /etc/init.d/httpd #!/bin/sh
#
# Startup script for the Apache Web Server
#
# chkconfig: 345 85 15
# description: Apache is a World Wide Web server. It is used to serve \ nagios配置 # HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache2/logs/httpd.pid
# config: /usr/local/apache2/conf/httpd.conf # Source function library. . /etc/rc.d/init.d/functions
# See how we were called.
case "$1" in
start) echo -n "Starting httpd: "
daemon /usr/local/apache2/bin/httpd -DSSL echo touch /var/lock/subsys/httpd
;;
stop) echo -n "Shutting down http: "
killproc httpd echo rm -f /var/lock/subsys/httpd rm -f /usr/local/apache2/logs/httpd.pid
;;
status)
status httpd
;;
restart)
$0 stop
$0 start
;;
reload) echo -n "Reloading httpd: "
killproc httpd -HUP echo
;;
*) echo "Usage: $0 {start|stop|restart|reload|status}" exit 1 esac
exit 0
chmod +x /etc/init.d/httpd
chkconfig httpd on /etc/init.d/httpd start
|
接下来配置nagios
[ /jeremyxu2010/blog/281151#]?[/url]
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
| #确保admin用户登录后有权限查看信息 vim /usr/local/nagios/etc/cgi.cfg 监控软件 ...
default_user_name=admin
authorized_for_system_information=nagiosadmin,admin
authorized_for_configuration_information=nagiosadmin,admin
authorized_for_system_commands=admin
authorized_for_all_services=nagiosadmin,admin
authorized_for_all_hosts=nagiosadmin,admin
authorized_for_all_service_commands=nagiosadmin,admin
authorized_for_all_host_commands=nagiosadmin,admin
...
#修改nagios主配置文件,将主机的定义都放在/usr/local/nagios/etc/hosts目录中
mkdir /usr/local/nagios/etc/hosts
vim /usr/local/nagios/etc/nagios.cfg
...
cfg_dir=/usr/local/nagios/etc/hosts
...
#添加一个自定义命令 vim /usr/local/nagios/etc/objects/command.cfg
... # 'check_custom_http' command definition define command{
command_name check_custom_http
command_line $USER1$/check_http -4 -N -H $ARG1$ -u $ARG2$
}
# 'check_dns' command definition define command{
command_name check_dns
command_line $USER1$/check_dns -v -H $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$
}
...
#定义主机组 vim /usr/local/nagios/etc/hosts/group.cfg
define hostgroup{
hostgroup_name groupname1
alias groupname1
members server1 #server1必须在/etc/hosts里有对应的映射 } nagios实施 #定义主机server1 vim /usr/local/nagios/etc/hosts/server1.cfg
define host{
use linux-server
host_name server1
alias server1
address xx.xx.xx.xx
notification_period 24x7
}
define service{
use local-service ; Name of service template to use
host_name server1
service_description PING
check_command check_ping!100.0,20%!500.0,60% ; 延时100ms丢包率大于20%时,则发出警告通知; 延时500ms丢包率大于60%时,则发出严重错误通知
}
;需要做好本机使用的DNS设置,在/etc/resolv.conf文件中定义
define service{
use local-service ; Name of service template to use
host_name server1
service_description DNS
check_command check_dns!xxx. !xx.xx.xx.xx!4!10 ;连续解析域名发生4次错误,则发出警告通知;连续解析域名发生10次错误,则发出严重错误通知;
}
define service{
use local-service ; Name of service template to use
host_name server1
service_description HTTP
check_command check_custom_http!xxx.abc.com!/somepath/path1 ;注意这里的参数要以!分隔
}
define service{
use local-service ; Name of service template to use
host_name server1
service_description SSH
check_command check_ssh
}
#配置监控出现问题时要通知的联系人 vim /usr/local/nagios/etc/objects/contacts.cfg nagios培训
define contact{
contact_name user1 ; Short name of user
use generic-contact ; Inherit default values from generic-contact template (defined above)
alias user1 ; Full name of user
email user1@abc.com ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
}
define contact{
contact_name user2 ; Short name of user
use generic-contact ; Inherit default values from generic-contact template (defined above)
alias user2 ; Full name of user
email user2@abc.com ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
}
define contactgroup{
contactgroup_name admins
alias Nagios Administrators
members user1,user2
}
重启nagios /etc/init.d/nagios restart
|
刚才发现nagios监控到服务器异常也没有发邮件通知,查了一下,还需要配置mail命令可发送邮件
[ /jeremyxu2010/blog/281151#]?[/url]
1
2
3
4
5
6
7
8
9
| yum install mail
vim /etc/mail.rc
... set from=abc-noreply@abc.com set smtp=smtp.abc.com set smtp-auth-user=abc-noreply@abc.com set smtp-auth-password=somepwd set smtp-auth=login
...
|
想做Nagios, Zabbix,Cacti,iTop各种交流的,可以进入开源监控工具Nagios交流 QQ群号 :476809427 |