X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=config%2Fnagios-master.cfg;h=7a2a6ae4fb5e652fed11f7f91951affaa136c05a;hb=e04c1899083df9b3ca97ae5b3e02830f16ea5307;hp=70a9405d0a6d349433fbe02075cefa0cd6eda83d;hpb=0257cfd83fee325a158a1443044ba0d954ea757d;p=mirror%2Fdsa-nagios.git diff --git a/config/nagios-master.cfg b/config/nagios-master.cfg index 70a9405..7a2a6ae 100644 --- a/config/nagios-master.cfg +++ b/config/nagios-master.cfg @@ -111,7 +111,7 @@ servers: # parents: gw-HP-ftc # hostgroups: routing-infrastructure gw-agnesi: - address: 65.173.90.18 + address: 65.173.90.22 parents: gw-HP-ftc hostgroups: routing-infrastructure gw-ubc: @@ -119,6 +119,11 @@ servers: parents: gw-HP-ftc hostgroups: routing-infrastructure contacts: lfilipoz + gw-ubcnew: + address: 206.12.19.254 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + contacts: lfilipoz gw-carnet: address: 161.53.160.1 parents: gw-HP-ftc @@ -153,7 +158,7 @@ servers: parents: gw-HP-ftc hostgroups: routing-infrastructure gw-esiee: - address: 147.215.2.249 + address: 195.220.83.13 parents: gw-HP-ftc hostgroups: routing-infrastructure gw-ghent: @@ -173,7 +178,7 @@ servers: samosa: address: 192.25.206.57 parents: spohr - hostgroups: computers, service, dl380, lenny, hassrvfs, hasbootfs, acpid-hosts, ulogd-hosts, nfs-client + hostgroups: computers, service, dl380, lenny, hassrvfs, hasbootfs, acpid-hosts, ulogd-hosts, nfs-client, postgres84-hosts raff: address: 192.25.206.59 parents: spohr @@ -188,7 +193,7 @@ servers: hostgroups: secondary-IPs spohr: address: 192.25.206.33 - hostgroups: computers, service, dl380, apache2-hosts, postgres83-hosts, ulogd-hosts, nfs-server, lenny, heavy-exim, bind9-hosts + hostgroups: computers, service, dl380, apache2-hosts, postgres83-hosts, ulogd-hosts, nfs-server, lenny, spamd, heavy-exim, bind9-hosts spohr2: address: 192.25.206.38 parents: spohr @@ -201,7 +206,7 @@ servers: penalosa: address: 192.25.206.68 parents: spohr - hostgroups: computers, buildd, sw-raid, hasbootfs, lenny, single-cpu + hostgroups: computers, buildd, hasbootfs, lenny contacts: dannf mundy: address: 192.25.206.62 @@ -266,7 +271,7 @@ servers: draghi: address: 82.195.75.106 parents: unger - hostgroups: computers, service, acpid-hosts, lenny, hasbootfs, hassrvfs, apache2-hosts, bind9-hosts, heavy-exim, ulogd-hosts + hostgroups: computers, service, acpid-hosts, lenny, hasbootfs, hassrvfs, apache2-hosts, bind9-hosts, spamd, heavy-exim, ulogd-hosts kaufmann: address: 82.195.75.107 parents: unger @@ -274,12 +279,12 @@ servers: byrd: address: 82.195.75.101 parents: unger - hostgroups: computers, service, lenny, hasbootfs, hassrvfs + hostgroups: computers, service, lenny, hasbootfs, hassrvfs, postgres84-hosts, heavy-exim master: address: 70.103.162.29 parents: gw-brainfood - hostgroups: computers, general, apache2-hosts, bind9-hosts, heavy-exim, highload, lenny + hostgroups: computers, general, apache2-hosts, bind9-hosts, spamd, heavy-exim, highload, lenny murphy: address: 70.103.162.31 parents: gw-brainfood @@ -289,7 +294,7 @@ servers: ries: address: 128.148.34.103 parents: gw-brown.edu - hostgroups: computers, service, apache2-hosts, bind9-hosts, ftpd-hosts, dl385, rsyncd-hosts, postgres83-hosts, heavy-exim, acpid-hosts, lenny + hostgroups: computers, service, apache2-hosts, bind9-hosts, ftpd-hosts, dl385, rsyncd-hosts, postgres83-hosts, spamd, heavy-exim, acpid-hosts, lenny, uploadqueue mayer: address: 140.211.166.78 @@ -353,7 +358,7 @@ servers: klecker: address: 194.109.137.218 parents: gw-xs4all - hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, bind9-hosts, dl385, postgres83-hosts, heavy-exim, lenny + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, bind9-hosts, dl385, spamd, heavy-exim, lenny saens: address: 128.101.240.212 @@ -409,7 +414,7 @@ servers: powell: address: 87.106.64.223 parents: gw-1und1 - hostgroups: computers, service, heavy-exim, rsyncd-hosts, ulogd-hosts, acpid-hosts, lenny, hassrvfs, hasvarfs, hasusrfs + hostgroups: computers, service, spamd, heavy-exim, rsyncd-hosts, ulogd-hosts, acpid-hosts, lenny, hassrvfs, hasvarfs, hasusrfs contacts: joerg schumann: @@ -423,11 +428,15 @@ servers: chopin: address: 195.20.242.124 parents: schumann - hostgroups: computers, ulogd-hosts, lenny, hassrvfs + hostgroups: computers, service, apache2-hosts, ulogd-hosts, lenny, hassrvfs, hasbootfs, rsyncd-hosts, uploadqueue geo3: address: 195.20.242.125 parents: schumann hostgroups: computers, service, lenny, hasbootfs, single-cpu, bind9-hosts + soler: + address: 195.20.242.126 + parents: schumann + hostgroups: computers, service, lenny, hasbootfs, hassrvfs caballero: address: 193.201.200.200 @@ -451,7 +460,7 @@ servers: address: 130.89.149.226 parents: kassia hostgroups: secondary-IPs - kassia4: + kassia-volatile: address: 130.89.149.227 parents: kassia hostgroups: secondary-IPs @@ -463,7 +472,7 @@ servers: contacts: luk agnesi: - address: 65.173.90.83 + address: 67.233.102.241 parents: gw-agnesi hostgroups: deadslow, lenny @@ -473,13 +482,17 @@ servers: hostgroups: computers, buildd, hasbootfs, lenny contacts: lfilipoz ravel: - address: 137.82.84.66 - parents: gw-ubc - hostgroups: computers, general, dl385, apache2-hosts, acpid-hosts, ftpd-hosts, hasbootfs, lenny, nfs-server, rsyncd-hosts + address: 206.12.19.5 + parents: gw-ubcnew + hostgroups: computers, general, dl385, apache2-hosts, acpid-hosts, ftpd-hosts, hasbootfs, lenny, nfs-server, rsyncd-hosts, bind9-hosts, uploadqueue dijkstra: address: 137.82.84.70 parents: gw-ubc - hostgroups: computers, bl460, acpid-hosts, lenny + hostgroups: computers, bl460, acpid-hosts, lenny, ulogd-hosts + luchesi: + address: 206.12.19.214 + parents: gw-ubcnew + hostgroups: computers, bl460, acpid-hosts, lenny, ulogd-hosts wolkenstein: address: 137.82.84.89 parents: dijkstra @@ -495,7 +508,7 @@ servers: duarte: address: 137.82.84.77 parents: dijkstra - hostgroups: computers, lenny, hasbootfs, hassrvfs + hostgroups: computers, lenny, hasbootfs, hassrvfs, single-cpu valente: address: 137.82.84.76 parents: dijkstra @@ -503,7 +516,7 @@ servers: bellini: address: 137.82.84.79 parents: gw-ubc - hostgroups: computers, lenny, hasbootfs, nfs-client, hassrvfs, aacraid + hostgroups: computers, lenny, hasbootfs, nfs-client, hassrvfs, aacraid, heavy-exim morricone: address: 137.82.84.81 parents: gw-ubc @@ -511,11 +524,11 @@ servers: stabile: address: 137.82.84.72 parents: gw-ubc - hostgroups: computers, lenny, hashomefs, sw-raid, rsyncd-hosts + hostgroups: computers, lenny, hashomefs, sw-raid, rsyncd-hosts, postgres84-hosts cimarosa: address: 137.82.84.80 parents: gw-ubc - hostgroups: computers, lenny, hasbootfs, aacraid, hassrvfs + hostgroups: computers, lenny, hasbootfs, aacraid, hassrvfs, nfs-client paganini: address: 137.82.84.82 parents: gw-ubc @@ -669,17 +682,14 @@ hostgroups: alias: hosts not running samhain properly private: 1 - #syslog-ng-hosts: - # alias: hosts running syslog-ng instead of sysklogd - # private: 1 - #rsyslog-hosts: - # alias: hosts running rsyslogd instead of sysklogd - # private: 1 postfix-hosts: alias: hosts running postfix instead of exim private: 1 heavy-exim: - alias: "hosts running the full mail stuff, including clamav, SA, and postgrey" + alias: "hosts running the full mail stuff, including clamav and postgrey" + private: 1 + spamd: + alias: "hosts running spamassassin as daemon" private: 1 heavy-postfix: alias: "postfix hosts running the full mail stuff, including clamav, SA, postgrey, policyd-weight" @@ -708,6 +718,9 @@ hostgroups: postgres83-hosts: alias: hosts running postgres83 private: 1 + postgres84-hosts: + alias: hosts running postgres84 + private: 1 mysql-hosts: alias: hosts running mysql private: 1 @@ -720,6 +733,9 @@ hostgroups: acpid-hosts: alias: hosts running acpid private: 1 + uploadqueue: + alias: hosts that are an anonymous ftp uploadqueue + private: 1 nfs-client: alias: hosts mounting filesystems using NFS @@ -1122,21 +1138,8 @@ services: name: process - syslog-ng nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C syslog-ng -a '/sbin/syslog-ng -p /var/run/syslog-ng.pid'" hostgroups: lenny - excludehosts: agnesi - ### - # - - # name: process - rsyslogd - # nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C rsyslogd -a '/usr/sbin/rsyslogd -c3'" - # hostgroups: rsyslog-hosts - ### - - - name: process - syslogd - nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C syslogd -a '/sbin/syslogd'" - hosts: rietz - - - name: process - klogd - nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C klogd -a '/sbin/klogd -x'" hosts: rietz + excludehosts: agnesi ### MAIL STUFF ### @@ -1145,17 +1148,17 @@ services: nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:10 -c 1: -u Debian-exim -C exim4 -a '/usr/sbin/exim4 -bd -q'" hostgroups: computers excludehostgroups: postfix-hosts - excludehosts: master, rietz, merkel + excludehosts: master, rietz, merkel, byrd - name: process - exim - total nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:50 -c 1: -C exim4" hostgroups: computers excludehostgroups: postfix-hosts - excludehosts: master, rietz, merkel + excludehosts: master, rietz, merkel, byrd - name: process - exim nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:300 -c 1:500 -C exim4 -a '/usr/sbin/exim4'" - hosts: master, rietz, merkel + hosts: master, rietz, merkel, byrd ### - name: process - clamav - clamd @@ -1183,8 +1186,8 @@ services: - name: process - spamd - master nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C spamd -a '/usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir -d --pidfile=/var/run/spamd.pid'" - hostgroups: heavy-exim - excludehosts: rietz, merkel, raff, powell + hostgroups: spamd + excludehosts: powell - name: process - spamd - master nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C spamd -a '/usr/sbin/spamd --create-prefs --max-children 20 --min-spare=5 --helper-home-dir -d --pidfile=/var/run/spamd.pid'" @@ -1197,9 +1200,8 @@ services: name: process - spamd - child nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:11 -c 1: -C spamd -a 'spamd child'" hosts: liszt - hostgroups: heavy-exim + hostgroups: spamd depends: process - spamd - master - excludehosts: rietz, merkel, raff # - name: process - spamd - master @@ -1214,12 +1216,8 @@ services: name: unwanted process - spamd nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C spamd" hostgroups: computers - excludehostgroups: heavy-exim - excludehosts: liszt - - - name: unwanted process - spamd - nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C spamd" - hosts: merkel, raff + excludehostgroups: spamd + excludehosts: liszt, rietz ### #- @@ -1435,6 +1433,11 @@ services: nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C snmpd" hostgroups: computers + #### + - + name: "host SSL cert" + nrpe: "if [ -e /etc/ssl/certs/thishost.pem ]; then /usr/lib/nagios/plugins/dsa-check-cert-expire /etc/ssl/certs/thishost.pem; else echo 'No thishost.pem on this host.'; fi" + hostgroups: computers ############ Processes/Services that only run on some computers ############ #### @@ -1604,19 +1607,7 @@ services: name: network service - http check: check_http depends: kassia:process - apache2 - master - hosts: kassia-sec, kassia-ftp - - - # apache1 process on merkel - - - name: process - apache - master - nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C apache -a /usr/sbin/apache" - hosts: merkel - - - name: process - apache - worker - nrpe: "/usr/lib/nagios/plugins/check_procs -w 2:75 -c 1:150 -u www-data -C apache -a /usr/sbin/apache" - hosts: merkel - depends: process - apache - master + hosts: kassia-sec, kassia-ftp, kassia-volatile # keyserver on raff - @@ -1629,20 +1620,20 @@ services: - name: network service - https check: check_https - hosts: ries, klecker, draghi, liszt, spohr, widor + hosts: ries, chopin, draghi, liszt, spohr, widor, rietz depends: "process - apache2 - master" normal_check_interval: 120 - name: network service - https cert check: dsa_check_cert!443 # ries ftp-master.debian.org - # klecker security-master.debian.org + # chopin security-master.debian.org # spohr rt.debian.org # spohr2 nagios.debian.org # draghi db.debian.org # merkel2 nm.debian.org # liszt lists.debian.org - hosts: ries, klecker, spohr, spohr2, draghi, merkel2, liszt, widor + hosts: ries, chopin, spohr, spohr2, draghi, merkel2, liszt, widor, rietz depends: network service - https normal_check_interval: 60 @@ -1690,17 +1681,17 @@ services: - name: process - vsftp - listener nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C vsftpd -a 'vsftpd: LISTENER'" - hostgroups: ftpd-hosts + hostgroups: ftpd-hosts, uploadqueue excludehosts: kassia - name: process - vsftp - instance nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:80 -c 0:100 -u ftp -C vsftpd -a 'vsftpd: '" - hostgroups: ftpd-hosts + hostgroups: ftpd-hosts, uploadqueue excludehosts: kassia - name: network service - ftp check: check_ftp - hostgroups: ftpd-hosts + hostgroups: ftpd-hosts, uploadqueue excludehosts: kassia depends: process - vsftp - listener - @@ -1712,8 +1703,8 @@ services: #### - name: process - debianqueued - nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u dak -C debianqueued" - hosts: ries, ravel, klecker + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:3 -c 1: -u dak -C debianqueued" + hostgroups: uploadqueue ### #- @@ -1736,11 +1727,14 @@ services: # hostgroups: postgres81-hosts # depends: process - postresql81 - master #### + - + name: process - postresql84 - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postgres -a '/usr/lib/postgresql/8.4/bin/postgres'" + hostgroups: postgres84-hosts - name: process - postresql83 - master nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postgres -a '/usr/lib/postgresql/8.3/bin/postgres -D /var/lib/postgresql/8.3/main -c config_file=/etc/postgresql/8.3/main/postgresql.conf'" hostgroups: postgres83-hosts - excludehosts: klecker #- # name: process - postresql83 - master udd # nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postgres -a '/usr/lib/postgresql/8.3/bin/postgres -D /var/lib/postgresql/8.3/udd -c config_file=/etc/postgresql/8.3/udd/postgresql.conf'" @@ -1748,10 +1742,14 @@ services: - name: process - postresql83 - dak master nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postgres -a '/usr/lib/postgresql/8.3/bin/postgres -D /var/lib/postgresql/8.3/dak -c config_file=/etc/postgresql/8.3/dak/postgresql.conf'" - hosts: ries, klecker + hosts: klecker, chopin - - name: process - postresql83 - dak-dev master - nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postgres -a '/usr/lib/postgresql/8.3/bin/postgres -D /var/lib/postgresql/8.3/dak-dev -c config_file=/etc/postgresql/8.3/dak-dev/postgresql.conf'" + name: process - postresql84 - dak master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postgres -a '/usr/lib/postgresql/8.4/bin/postgres -D /var/lib/postgresql/8.4/dak -c config_file=/etc/postgresql/8.4/dak/postgresql.conf'" + hosts: ries + - + name: process - postresql84 - dak-dev master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postgres -a '/usr/lib/postgresql/8.4/bin/postgres -D /var/lib/postgresql/8.4/dak-dev -c config_file=/etc/postgresql/8.4/dak-dev/postgresql.conf'" hosts: ries #### - @@ -1774,6 +1772,11 @@ services: nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u stunnel4 -C stunnel4 -a '/usr/bin/stunnel4 /etc/stunnel/postgres-udd.conf'" hosts: merkel, master + - + name: udd stunnel - master cert + nrpe: "/usr/lib/nagios/plugins/check_http -H localhost -p 8080 -S -C 14 -t 45" + hosts: samosa + #### #- # name: process - xenconsoled @@ -1896,6 +1899,22 @@ services: name: DNS SOA sync - alioth.debian.org check: "dsa_check_soas_add!alioth.debian.org!alioth.debian.org" hosts: global + - + name: DNS SOA sync - 2.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa + check: "dsa_check_soas!2.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa" + hosts: global + - + name: DNS SOA sync - a.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa + check: "dsa_check_soas!a.5.1.1.8.0.0.8.d.8.0.1.0.0.2.ip6.arpa" + hosts: global + - + name: DNS SOA sync - 2.1.0.0.0.0.0.2.8.8.8.0.1.0.0.2.ip6.arpa + check: "dsa_check_soas!2.1.0.0.0.0.0.2.8.8.8.0.1.0.0.2.ip6.arpa" + hosts: global + - + name: DNS SOA sync - 2.6.a.0.4.6.5.6.1.0.0.0.2.0.0.0.8.d.8.0.1.0.0.2.ip6.arpa + check: "dsa_check_soas!2.6.a.0.4.6.5.6.1.0.0.0.2.0.0.0.8.d.8.0.1.0.0.2.ip6.arpa" + hosts: global ############ - name: ping alive check