監控系統 icinga (nagios 的分支) nsca-ng 篇

如果不用 nsca ，也是有另一個替代品，叫 nsca-ng

1. 更安全
2. 效能更好

一樣分 central 與 slaver 說明

Central

# 編譯

version=`wget -O - http://www.nsca-ng.org/version.txt`
wget "http://www.nsca-ng.org/download/nsca-ng-${version}.tar.gz"
gzip -c -d "nsca-ng-$version.tar.gz" | tar xf -
cd "nsca-ng-$version"
./build-aux/make-confuse # If libConfuse >= 2.6 is not available.
./build-aux/make-openssl # If OpenSSL >= 1.0.0 is not available.
./configure --prefix=/usr/local/nsca-ng --enable-server
make check
make install

# 複製檔案

cp -rp contrib/nsca-ng.init /etc/init.d/nsca-ng

# 修改啟動檔
vi /etc/init.d/nsca-ng

name='NSCA-ng'
# 修改
pid_file="/usr/local/nsca-ng/tmp/nsca-ng.pid"
# 新增
nsca_ng_bin="/usr/local/nsca-ng/sbin/nsca-ng"
# 修改
# nsca-ng -P "$pid_file" && echo 'done.' || echo 'failed.'
# 為
$nsca_ng_bin -P "$pid_file" && echo 'done.' || echo 'failed.'

# 設定檔
vi /usr/local/nsca-ng/etc/nsca-ng.cfg

command_file = "/usr/local/icinga/var/rw/icinga.cmd" # 確認 cmd 路徑
        listen = "*:5668"  # Default: "*".
        tls_ciphers = "PSK-AES256-CBC-SHA"      # Default: see nsca-ng.cfg(5).
 
 
authorize "*" {
        password = "change-me" # 驗證碼
        #
        # The original NSCA server permits all authenticated clients to submit
        # arbitrary check results.  To get this behaviour, enable the following
        # lines:
        #
                hosts = ".*"
                services = ".*"
}

# 啟動 nsca-ng

service nsca-ng start

Slaver

# 編譯

./configure --prefix=/usr/local/nsca-ng --enable-client
make install

# 設定
vi /usr/local/nsca-ng/etc/send_nsca.cfg

password = "change-me"
server = "1.1.1.1"
tls_ciphers = "PSK-AES256-CBC-SHA"
delay = 2
timeout = 10

# 測試

/bin/echo -e "localhost\tdummy\t0\ttestesttest.\n" | /usr/local/nsca-ng/sbin/send_nsca