# - verdi: pg upgrade, openvpn
# - mundy: salinfo_decode
# - puccini: mailgraph
-# - lebrun: ippl
# down:
# - sarti
samosa:
address: 192.25.206.57
- hostgroups: computers, service, dl380, apache2-hosts, bind9-hosts, heavy-exim
+ hostgroups: computers, no-udev, service, dl380, apache2-hosts, bind9-hosts, heavy-exim
raff:
address: 192.25.206.59
parents: samosa
- hostgroups: computers, service, dl380, apache1-hosts, bind9-hosts, rsyncd-hosts, heavy-exim
+ hostgroups: computers, no-udev, service, dl380, apache1-hosts, bind9-hosts, rsyncd-hosts, heavy-exim
gluck:
address: 192.25.206.10
parents: samosa
- hostgroups: computers, general, dl380, apache1-hosts, bind9-hosts, rsyncd-hosts, heavy-exim, highload
+ hostgroups: computers, no-udev, general, dl380, apache1-hosts, bind9-hosts, heavy-exim, highload
merkel:
address: 192.25.206.16
parents: samosa
spohr:
address: 192.25.206.33
parents: samosa
- hostgroups: computers, service, dl380, apache2-hosts, postgres81-hosts
+ hostgroups: computers, service, dl380, apache2-hosts, postgres81-hosts, ulogd-hosts
peri:
address: 192.25.206.15
parents: samosa
mundy:
address: 192.25.206.62
parents: samosa
- hostgroups: computers, buildd
+ hostgroups: computers, no-udev, buildd
paer:
address: 192.25.206.11
parents: samosa
- hostgroups: computers, porterbox, bind9-hosts
+ hostgroups: computers, porterbox, bind9-hosts, single-cpu
merulo:
address: 192.25.206.58
parents: samosa
- hostgroups: computers, porterbox
+ hostgroups: computers, no-udev, porterbox
bartok:
address: 82.195.75.91
agricola:
address: 82.195.75.86
parents: gw-man-da
- hostgroups: computers, porterbox, sw-raid, single-cpu, lenny
+ hostgroups: computers, porterbox, sw-raid, single-cpu, lenny, no-samhain
contacts: bzed
arcadelt:
address: 82.195.75.87
parents: gw-man-da
- hostgroups: computers, buildd, sw-raid, single-cpu, lenny
+ hostgroups: computers, buildd, sw-raid, single-cpu, lenny, no-samhain
contacts: bzed
liszt:
address: 82.195.75.100
parents: gw-man-da
- hostgroups: computers, service, apache2-hosts, bind9-hosts, postfix-hosts, heavy-postfix, amavis-hosts, dl385
- contacts: bzed
- auber:
- address: 82.195.75.101
- parents: gw-man-da
- hostgroups: computers, buildd, sw-raid
+ hostgroups: computers, service, apache2-hosts, bind9-hosts, postfix-hosts, heavy-postfix, amavis-hosts, dl385, acpid-hosts
contacts: bzed
+# auber:
+# address: 82.195.75.101
+# parents: gw-man-da
+# hostgroups: computers, no-udev, buildd, sw-raid
+# contacts: bzed
master:
address: 70.103.162.29
parents: gw-brainfood
- hostgroups: computers, general, apache2-hosts, bind9-hosts, heavy-exim, highload
+ hostgroups: computers, no-udev, general, apache2-hosts, bind9-hosts, heavy-exim, highload
murphy:
address: 70.103.162.31
parents: gw-brainfood
- hostgroups: computers, general, apache2-hosts, bind9-hosts, postfix-hosts, dl380
+ hostgroups: computers, general, postfix-hosts, dl380, acpid-hosts
ries:
address: 128.148.34.103
parents: gw-brown.edu
- hostgroups: computers, service, apache2-hosts, bind9-hosts, ftpd-hosts, dl385, rsyncd-hosts, postgres81-hosts, heavy-exim
+ hostgroups: computers, service, apache2-hosts, bind9-hosts, ftpd-hosts, dl385, rsyncd-hosts, postgres81-hosts, heavy-exim, acpid-hosts
mayer:
address: 140.211.166.78
parents: gw-osuosl
- hostgroups: computers, buildd
+ hostgroups: computers, no-udev, buildd
mayr:
address: 140.211.166.58
parents: gw-osuosl
- hostgroups: computers, buildd
+ hostgroups: computers, no-udev, buildd
malo:
address: 140.211.166.27
parents: gw-osuosl
rietz:
address: 140.211.166.43
parents: gw-osuosl
- hostgroups: computers, service, apache2-hosts, bind9-hosts, rsyncd-hosts, dl385, heavy-exim, highload
+ hostgroups: computers, no-udev, service, apache2-hosts, bind9-hosts, rsyncd-hosts, dl385, heavy-exim, highload
rietz2:
address: 140.211.166.44
parents: rietz
steffani:
address: 128.31.0.36
parents: gw-mit-csail
- hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, sw-raid, bind9-hosts
- casals:
- address: 128.31.0.16
- parents: gw-mit-csail
- hostgroups: deadslow
+ hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, sw-raid, bind9-hosts, acpid-hosts
mahler:
address: 128.31.0.46
parents: gw-mit-csail
- hostgroups: computers, single-cpu, lenny, porterbox
+ hostgroups: computers, single-cpu, lenny, porterbox, rsyslog-hosts
klecker:
address: 194.109.137.218
saens:
address: 128.101.240.212
parents: gw-umn.edu
- hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380, heavy-exim
+ hostgroups: computers, no-udev, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380, heavy-exim
argento:
address: 195.49.152.174
parents: gw-dg-i.net
- hostgroups: computers, buildd, sw-raid, single-cpu, lenny
+ hostgroups: computers, buildd, sw-raid, single-cpu, lenny, no-samhain
contacts: bzed
pergolesi:
address: 62.104.23.252
parents: gw-freenet
- hostgroups: computers, porterbox, sw-raid
+ hostgroups: computers, no-udev, porterbox, sw-raid
bruckner:
address: 62.104.23.253
parents: gw-freenet
- hostgroups: computers, porterbox, single-cpu
+ hostgroups: computers, no-udev, porterbox, single-cpu, deadslow
raptor:
address: 195.243.109.162
albeniz:
address: 193.62.202.27
parents: gw-sanger
- hostgroups: computers, porterbox, sw-raid
+ # SMP kernel doesn't run stable
+ hostgroups: computers, porterbox, sw-raid, single-cpu
contacts: tjrc1
goetz:
address: 193.62.202.26
parents: gw-sanger
- hostgroups: computers, buildd, sw-raid
+ # SMP kernel doesn't run stable
+ hostgroups: computers, buildd, sw-raid, single-cpu
contacts: tjrc1
verdi:
voltaire:
address: 72.66.115.54
parents: gw-frost
- hostgroups: computers, buildd
+ hostgroups: computers, buildd, no-samhain
contacts: sfrost
puccini:
address: 87.106.4.56
parents: gw-1und1
- hostgroups: computers, service, apache2-hosts, bind9-hosts, postfix-hosts, heavy-postfix, amavis-hosts
+ hostgroups: computers, no-udev, service, apache2-hosts, bind9-hosts, postfix-hosts, heavy-postfix, amavis-hosts, ulogd-hosts
+ contacts: joerg
+ powell:
+ address: 87.106.64.223
+ parents: gw-1und1
+ hostgroups: computers, service, heavy-exim, rsyncd-hosts, ulogd-hosts, acpid-hosts
contacts: joerg
caballero:
address: 193.201.200.200
parents: gw-blackcat
- hostgroups: computers, buildd, sw-raid, bind9-hosts
+ hostgroups: computers, no-udev, buildd, sw-raid, bind9-hosts
elara:
address: 67.210.160.90
kassia:
address: 130.89.175.54
parents: gw-utwente
- hostgroups: computers, service, postfix-hosts, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl360
+ hostgroups: computers, service, postfix-hosts, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl360, acpid-hosts
allegri:
address: 157.193.39.233
parents: gw-HP-ftc
- hostgroups: computers, buildd, postfix-hosts, sw-raid, single-cpu, lenny
+ hostgroups: computers, buildd, postfix-hosts, sw-raid, single-cpu, lenny, no-samhain
contacts: luk
agnesi:
ravel:
address: 137.82.84.43
parents: gw-ubc
- hostgroups: computers, general, dl385, apache2-hosts
+ hostgroups: computers, general, dl385, apache2-hosts, acpid-hosts
lebrun:
- address: 161.53.160.165
+ address: 193.198.184.10
parents: gw-carnet
hostgroups: computers, buildd
+ schroeder:
+ address: 193.198.184.11
+ parents: gw-carnet
+ hostgroups: computers, buildd, sw-raid
tartini:
address: 82.94.249.158
piatti:
address: 193.167.161.225
parents: gw-helsinki
- hostgroups: computers, postfix-hosts, dl385
+ hostgroups: computers, postfix-hosts, dl385, ulogd-hosts, acpid-hosts
contacts: holger
#############################
alias: Hosts running lenny, not etch
private: 1
+ no-samhain:
+ alias: hosts not running samhain properly
+ private: 1
+
syslog-ng-hosts:
alias: hosts running syslog-ng instead of sysklogd
private: 1
+ rsyslog-hosts:
+ alias: hosts running rsyslogd instead of sysklogd
+ private: 1
postfix-hosts:
alias: hosts running postfix instead of exim
private: 1
mysql-hosts:
alias: hosts running mysql
private: 1
+ no-udev:
+ alias: hosts not using udev
+ private: 1
+ ulogd-hosts:
+ alias: hosts running ulogd
+ private: 1
+ acpid-hosts:
+ alias: hosts running acpid
+ private: 1
highload:
alias: "hosts on which high load is normal"
alias: weak ssh keys
apt:
alias: apt upgrade status
+ samhain:
+ alias: samhain integrity status
security:
alias: security
- servicegroup_members: apt, weaksshkeys, kernel
+ servicegroup_members: apt, weaksshkeys, kernel, samhain
#############################
# services
name: disk usage on /boot
servicegroups: diskspace
nrpe: "/usr/lib/nagios/plugins/check_disk 75 85 /boot"
- hosts: sperger, rietz, steffani, penalosa, peri, albeniz, goetz, mayer, mayr, paer, spontini, tartini, morales, ravel, auber
+ hosts: sperger, rietz, steffani, penalosa, peri, albeniz, goetz, mayer, mayr, paer, spontini, tartini, morales, ravel, schroeder, piatti
-
name: disk usage on /var
servicegroups: diskspace
nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /var"
- hosts: bartok, samosa, raff, lobos, villa, gluck, saens, voltaire, puccini, lebrun, tartini, morales
+ hosts: bartok, samosa, raff, lobos, villa, gluck, saens, voltaire, puccini, lebrun, tartini, morales, powell
-
name: disk usage on /org
servicegroups: diskspace
nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /org"
- hosts: sperger, samosa, raff, lobos, villa, steffani, saens, pergolesi, verdi, puccini, spontini, ravel, mahler
+ hosts: sperger, samosa, raff, lobos, villa, steffani, saens, pergolesi, verdi, puccini, spontini, ravel, mahler, schroeder, piatti
-
name: disk usage on /org
servicegroups: diskspace
name: disk usage on /srv
servicegroups: diskspace
nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /srv"
- hosts: agricola, arcadelt, argento, allegri, tartini, morales, auber
+ hosts: agricola, arcadelt, argento, allegri, tartini, morales, powell
-
name: disk usage on /org/scratch
servicegroups: diskspace
name: disk usage on /tmp
servicegroups: diskspace
nrpe: "/usr/lib/nagios/plugins/check_disk 60 80 /tmp"
- hosts: samosa, raff, gluck, saens, puccini, merkel, tartini
+ hosts: samosa, raff, gluck, saens, puccini, merkel, tartini, powell, piatti
-
name: disk usage on /usr
servicegroups: diskspace
nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /usr"
- hosts: samosa, raff, lobos, villa, gluck, saens, pergolesi, puccini, merulo, tartini, morales
+ hosts: samosa, raff, lobos, villa, gluck, saens, pergolesi, puccini, merulo, tartini, morales, powell
-
name: disk usage on /home
servicegroups: diskspace
normal_check_interval: 180
max_check_attempts: 2
retry_check_interval: 5
+ -
+ name: backup server config
+ nrpe: "/usr/lib/nagios/plugins/dsa-check-dabackup-server"
+ hosts: bartok
+ normal_check_interval: 180
+ max_check_attempts: 2
+ retry_check_interval: 5
####
-
normal_check_interval: 180
retry_check_interval: 5
+ ####
+ -
+ name: process - samhain
+ nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:8 -c 1: -u root -C samhain -a '/usr/sbin/samhain'"
+ hostgroups: computers
+ excludehostgroups: no-samhain
+ -
+ name: samhain
+ servicegroups: samhain
+ nrpe: "/usr/lib/nagios/plugins/dsa-check-samhain -t 45"
+ hostgroups: computers
+ excludehostgroups: no-samhain
+ depends: process - samhain
+ normal_check_interval: 240
+ retry_check_interval: 5
+
####
-
name: users
-
name: "network service - sshd - version"
- check: "dsa_check_ssh_port_version!22!OpenSSH_4.3p2 Debian-9etch2"
+ check: "dsa_check_ssh_port_version!22!OpenSSH_4.3p2 Debian-9etch3"
depends: network service - sshd
hostgroups: computers, deadslow
excludehosts: agnesi, crest, kullervo
normal_check_interval: 360
-
name: "network service - sshd - version - 2260"
- check: "dsa_check_ssh_port_version!2260!OpenSSH_4.3p2 Debian-9etch2"
+ check: "dsa_check_ssh_port_version!2260!OpenSSH_4.3p2 Debian-9etch3"
depends: network service - sshd - 2260
hosts: agnesi
normal_check_interval: 360
name: process - syslog-ng
nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C syslog-ng -a '/sbin/syslog-ng -p /var/run/syslog-ng.pid'"
hostgroups: syslog-ng-hosts
+ ###
+ -
+ name: process - rsyslogd
+ nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C rsyslogd -a '/usr/sbin/rsyslogd -c3'"
+ hostgroups: rsyslog-hosts
###
-
name: process - syslogd
nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C syslogd -a '/sbin/syslogd'"
hostgroups: computers
- excludehostgroups: syslog-ng-hosts
+ excludehostgroups: syslog-ng-hosts, rsyslog-hosts
-
name: process - klogd
nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C klogd -a '/sbin/klogd -x'"
hostgroups: computers
- excludehostgroups: syslog-ng-hosts
+ excludehostgroups: syslog-ng-hosts, rsyslog-hosts
### MAIL STUFF
###
-
name: network service - smtp - port 8080
check: dsa_check_smtp_port!8080
- hosts: murphy, piatti
+ hosts: murphy
depends: process - postfix - master
-
name: network service - smtp - port 2025
-
- name: setup - debian-admin in etc aliases
- nrpe: "/usr/lib/nagios/plugins/dsa-check-da-in-aliases"
+ name: setup - dsa config
+ nrpe: "/usr/lib/nagios/plugins/dsa-check-config"
hostgroups: computers
normal_check_interval: 120
-
nrpe: "/usr/lib/nagios/plugins/dsa-check-hpacucli"
normal_check_interval: 120
hostgroups: dl385, dl380, dl360
+ ###
+ -
+ name: RAID - areca
+ servicegroups: raid
+ nrpe: "/usr/lib/nagios/plugins/dsa-check-raid-areca"
+ hosts: powell
###
-
name: RAID - DAC960
name: process - slapd
nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:20 -c 1:50 -u openldap -C slapd -a '/usr/sbin/slapd -h ldap:/// ldaps:/// -g openldap -u openldap'"
hosts: samosa
+ ###
+ -
+ name: process - ulogd
+ nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C ulogd -a '/usr/sbin/ulogd -d'"
+ hostgroups: ulogd-hosts
+ -
+ name: unexpected process - ulogd
+ nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C ulogd"
+ hostgroups: computers
+ excludehostgroups: ulogd-hosts
###
-
name: process - udevd
nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C udevd -a 'udevd'"
- hosts: sperger, ries, steffani, merkel, spohr, peri, penalosa, albeniz, verdi, liszt, kassia, agricola, arcadelt, argento, allegri, morales, bartok
+ hostgroups: computers
+ excludehostgroups: no-udev
+ -
+ name: unexpected process - udev
+ nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C udevd"
+ hostgroups: no-udev
###
-
name: process - acpid
nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C acpid -a '/usr/sbin/acpid -c /etc/acpi/events -s /var/run/acpid.socket'"
- hosts: ries, steffani, liszt, kassia
+ hostgroups: acpid-hosts
+ -
+ name: unexpected process - acpid
+ nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C acpid"
+ hostgroups: computers
+ excludehostgroups: acpid-hosts
###
-
-
name: network service - https
check: check_https
- hosts: samosa
+ hosts: samosa, ries
depends: "process - apache2 - master"
normal_check_interval: 120
-
name: network service - https cert
check: dsa_check_cert!443
- hosts: samosa
+ hosts: samosa, ries
depends: network service - https
normal_check_interval: 240
####
-
name: process - debianqueued
nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u dak -C debianqueued"
- hosts: ries
+ hosts: ries, ravel
###
-
projects / mirror / dsa-nagios.git / blobdiff