include icinga-classicui
include icinga-web
include nagios-plugins
+include nsca-ng
# icinga 2 docs at /icinga2-doc
file { '/etc/httpd/conf.d/icinga2-doc.conf':
--- /dev/null
+# Class: nsca-ng
+#
+# This class installs nsca-ng components
+#
+class nsca-ng {
+ include nsca-ng-server
+ include nsca-ng-client
+}
+
+# Class: nsca-ng-server
+#
+# This class installs nsca-ng server
+#
+# Parameters:
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+class nsca-ng-server {
+ package { 'nsca-ng-server':
+ ensure => installed,
+ }
+
+ exec { 'iptables-allow-nsca-ng':
+ path => '/bin:/usr/bin:/sbin:/usr/sbin',
+ unless => 'grep -Fxqe "-A INPUT -m state --state NEW -m tcp -p tcp --dport 5668 -j ACCEPT" /etc/sysconfig/iptables',
+ command => 'lokkit -p 5668:tcp'
+ }
+
+ service { 'nsca-ng':
+ enable => true,
+ ensure => running,
+ hasrestart => true,
+ alias => 'nsca-ng',
+ require => [ Package['nsca-ng-server'], Exec['iptables-allow-nsca-ng'] ]
+ }
+
+ file { '/etc/nsca-ng.cfg':
+ content => template('nsca-ng/nsca-ng.cfg'),
+ require => Package['nsca-ng-server'],
+ notify => Service['nsca-ng']
+ }
+}
+
+# Class: nsca-ng-client
+#
+# This class installs nsca-ng client
+#
+# A example passive check result is stored in ~vagrant/passive_result.
+#
+# This can be called manually with:
+# send_nsca -c /etc/send_nsca.cfg < /home/vagrant/passive_result
+#
+# Parameters:
+#
+# Actions:
+#
+# Requires:
+#
+# Sample Usage:
+#
+class nsca-ng-client {
+ package { 'nsca-ng-client':
+ ensure => installed,
+ }
+
+ file { '/etc/icinga2/conf.d/passive.conf':
+ content => template('nsca-ng/passive.conf'),
+ require => Package['nsca-ng-client'],
+ notify => Service['icinga2']
+ }
+
+ file { '/etc/send_nsca.cfg':
+ content => template('nsca-ng/send_nsca.cfg'),
+ require => Package['nsca-ng-client'],
+ }
+
+ file { '/home/vagrant/passive_result':
+ content => template('nsca-ng/passive_result'),
+ require => Package['nsca-ng-client'],
+ }
+}
\ No newline at end of file
--- /dev/null
+#
+# Sample configuration for nsca-ng(8). See the nsca-ng.cfg(5) man page.
+#
+# PLEASE SET THE PERMISSIONS OF THIS FILE APPROPRIATELY TO MAKE SURE THAT ONLY
+# AUTHORIZED USERS CAN ACCESS IT!
+#
+
+#
+# Most probably, you'll have to specify the path to the Nagios command file.
+#
+command_file = "/var/run/icinga2/cmd/icinga2.cmd"
+
+#
+# These configuration settings are optional.
+#
+# listen = "monitoring.example.com:5668" # Default: "*".
+# pid_file = "/var/run/nsca-ng.pid" # Default: create no PID file.
+# temp_directory = "/dev/shm" # Default: "/tmp".
+# tls_ciphers = "PSK-AES256-CBC-SHA" # Default: see nsca-ng.cfg(5).
+# chroot = "/usr/local/nagios/var" # Default: don't chroot(2).
+# user = "nagios" # Default: don't switch user.
+# log_level = 2 # Default: 3.
+# max_command_size = 65536 # Default: 16384.
+# max_queue_size = 128 # Default: 1024.
+# timeout = 15.0 # Default: 60.0.
+#
+
+user = "nsca"
+
+#
+# Clients provide a client ID (think: user name) and a password. The same
+# ID/password combination may be used by multiple clients. In order to
+# authorize clients to submit check results and/or other external commands, at
+# least one "authorize" section must be specified. The client ID (which follows
+
+# the "authorize" keyword) may be "*". In this case, the block will be used as
+# fallback if no section is defined for a given client ID. No other wildcard
+# characters are available, and "*" has no special meaning unless the client ID
+# is exactly "*".
+#
+# Authorizations are specified using the "commands", "hosts, and/or "services"
+# variables within an "authorize" section. These variables are (lists of)
+# extended POSIX regular expressions (see the regex(7) man page), but with an
+# implicit leading "^" and trailing "$". The "commands" patterns are matched
+# against the full command string transmitted by the client, except for the
+# leading bracketed timestamp. The "hosts" and "services" variables are
+# syntactic sugar, e.g.:
+#
+# services = {
+# "http@web-server",
+# "disk"
+# }
+#
+# is equivalent to
+#
+# commands = {
+# "PROCESS_SERVICE_CHECK_RESULT;web-server;http;.+;.+",
+# "PROCESS_SERVICE_CHECK_RESULT;[^;]+;disk;.+;.+"
+# }
+#
+# Some examples:
+#
+# Authenticated "root" clients may submit arbitrary check results and any other
+# monitoring commands.
+#
+# authorize "root" {
+# password = "cM5vBM9CtCWTH1SwnxFEOfp8VAmQq2vd"
+# commands = ".*"
+# }
+#
+# Authenticated "checker" clients may submit arbitrary check results, but no
+# other commands.
+#
+# authorize "checker" {
+# password = "s2LDCy4CiK6yrlcHhTXT6agFh067XYE3"
+# hosts = ".*"
+# services = ".*"
+# }
+#
+# Authenticated "mail-checker" clients may submit check results for arbitrary
+# services on hosts whose names begin with "pop", "imap", or "smtp".
+#
+# authorize "mail-checker" {
+# password = "1HOiwYonRoLByCaX6lfY5KDhP484THzV"
+# services = {
+# ".+@pop.*",
+# ".+@imap.*",
+# ".+@smtp.*"
+# }
+# }
+#
+# Authenticated "system-checker" clients may submit check results for the
+# "disk", "swap", and "load" services on arbitrary hosts.
+#
+# authorize "system-checker" {
+# password = "rDCnSMFaM9wb5Yzjd6JwRcvHEwmC9ZlQ"
+# services = {
+# "disk",
+# "swap",
+# "load"
+# }
+# }
+#
+
+#
+# The "*" section applies when no other section matches the client's identity.
+# In order to authorize clients to actually submit check results (or other
+# commands), at least one "commands" and/or "services" expression must be
+# specified.
+#
+authorize "*" {
+ password = "password"
+ #
+ # The original NSCA server permits all authenticated clients to submit
+ # arbitrary check results. To get this behaviour, enable the following
+ # lines:
+ #
+ hosts = ".*"
+ services = ".*"
+}
+
+#
+# Other files can be included. If a directory is specified, all "*.cfg" and
+# "*.conf" files within this directory and all subdirectories are included.
+#
+# include(nsca-ng.d/included.cfg)
+#
\ No newline at end of file
--- /dev/null
+/**
+ * A host definition. You can create your own configuration files
+ * in the conf.d directory (e.g. one per host). By default all *.conf
+ * files in this directory are included.
+ */
+object Host "nsca-ng" inherits "generic-host" {
+ display_name = "nsca-ng test",
+
+ services["PassiveService1"] = {
+ templates = [ "generic-service" ],
+ check_command = "passive",
+ },
+
+ services["PassiveService2"] = {
+ templates = [ "generic-service" ],
+ check_command = "passive",
+ },
+}
\ No newline at end of file
--- /dev/null
+nsca-ng PassiveService1 0 This is a test passive result check returning OK\17
+nsca-ng PassiveService2 1 This is a test passive result check returning BAD
+
--- /dev/null
+#
+# Sample configuration for send_nsca(8). See the send_nsca.cfg(5) man page.
+#
+# PLEASE SET THE PERMISSIONS OF THIS FILE APPROPRIATELY TO MAKE SURE THAT ONLY
+# AUTHORIZED USERS CAN ACCESS IT!
+#
+
+password="password"
+identity="nsca-ng"
+# identity = "web-checker" # Default: `hostname`.
+# password = "8a5UMsMzZhu6sSPkSmSaqC3HjMGCLwdt" # Default: "change-me".
+# server = "monitoring.example.com" # Default: "localhost".
+# tls_ciphers = "PSK-AES256-CBC-SHA" # See send_nsca.cfg(5).
+# delay = 2 # Default: 0.
+# port = 5668 # Default: 5668.
+# timeout = 10 # Default: 15.
\ No newline at end of file
# so you can take notice and act accordingly.
auto_correct: true
+ # forward port for nsca-ng. See note above regarding auto_correct
+ config.vm.network :forwarded_port, guest: 5668, host: 5668, auto_correct: true
+
# Create a private network, which allows host-only access to the machine
# using a specific IP.
# config.vm.network :private_network, ip: "192.168.33.10"
state | **Optional.** The state. Can be one of 0 (ok), 1 (warning), 2 (critical) and 3 (unknown). Defaults to 0.
text | **Optional.** Plugin output. Defaults to "Check was successful.".
+### passive
+
+Specialised check command object for passive checks executing the `check_dummy` plugin with appropriate default values.
+
+Macros:
+
+Name | Description
+----------------|--------------
+plugindir | **Required.** The directory containing this plugin.
+state | **Optional.** The state. Can be one of 0 (ok), 1 (warning), 2 (critical) and 3 (unknown). Defaults to 3.
+text | **Optional.** Plugin output. Defaults to "No Passive Check Result Received.".
+
### tcp
Check command object for the `check_tcp` plugin.
}
}
+object CheckCommand "passive" inherits "dummy" {
+ macros = {
+ state = 3,
+ text = "No Passive Check Result Received."
+ }
+}
+
object CheckCommand "tcp" inherits "plugin-check-command" {
command = [
"$plugindir$/check_tcp",
projects / icinga2 / commitdiff