X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=nagios-master.cfg;h=379faf6a1a8eade7e0ef0a85b9b58e1d8ef0df24;hb=b27c4c8f3c342f8875481d51a7cf93c222839012;hp=68a7590212e1a45b179ef6b978f39d93bceb136c;hpb=fda17b9425ae82a9b23f1dff503b7bc040d2b2c4;p=mirror%2Fdsa-nagios.git diff --git a/nagios-master.cfg b/nagios-master.cfg index 68a7590..379faf6 100644 --- a/nagios-master.cfg +++ b/nagios-master.cfg @@ -3,6 +3,44 @@ # Strings ought to be in double quotes, but it works in most cases if they aren't :) # # vim:set syntax=yaml: + +# TODO +# - raff: identd, hpasmd +# - spohr: hpasmd +# - *: mailq +# - *: check munin stats collection works +# - *: check backups are successful +# - goetz: gmond/gmetad +# - +# - agnesi +# - bruckner +# - caballero +# - casals +# - crest +# - elara +# - europa +# - goedel +# - kassia +# - kullervo +# - lebrun +# - leisner +# - liszt +# - malo +# - mayer +# - mayr +# - mundy +# - murphy +# - paer +# - piatti +# - puccini +# - ravel +# - sarti +# - schulz +# - spontini +# - tartini +# - verdi +# - voltaire + --- ############################# # hosts @@ -10,16 +48,181 @@ servers: gw-MAN-DA-debian: address: 82.195.75.126 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-HP-ftc: + address: 192.25.206.1 + parents: samosa + hostgroups: routing-infrastructure + gw-brainfood: + address: 70.103.162.1 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-brown.edu: + address: 128.148.34.1 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-osuosl: + address: 140.211.166.1 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-scanplus-villa: + address: 212.211.132.1 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-scanplus-lobos: + address: 212.211.132.249 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-mit-csail: + address: 128.30.0.254 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-xs4all: + address: 194.109.137.217 + parents: gw-HP-ftc + hostgroups: 
routing-infrastructure + gw-umn.edu: + address: 128.101.240.222 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-dg-i.net: + address: 195.49.152.190 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-freenet: + address: 62.104.23.249 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-topalis: + address: 195.243.109.254 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-sanger: + address: 193.62.202.18 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-cst: + address: 213.188.99.215 + parents: gw-HP-ftc hostgroups: routing-infrastructure + samosa: + address: 192.25.206.57 + hostgroups: computers, service, dl380, apache2-hosts, bind9-hosts, heavy-email + raff: + address: 192.25.206.59 + parents: samosa + hostgroups: computers, service, dl380, apache1-hosts, bind9-hosts, rsyncd-hosts, heavy-email + gluck: + address: 192.25.206.10 + parents: samosa + hostgroups: computers, general, dl380, apache1-hosts, bind9-hosts, rsyncd-hosts, heavy-email + merkel: + address: 192.25.206.16 + parents: samosa + hostgroups: computers, general, apache1-hosts, bind9-hosts, rsyncd-hosts, sw-raid, postgres81-hosts, heavy-email + spohr: + address: 192.25.206.33 + parents: samosa + hostgroups: computers, service, dl380, apache2-hosts, postgres81-hosts + peri: + address: 192.25.206.15 + parents: samosa + hostgroups: computers, buildd, sw-raid + penalosa: + address: 192.25.206.68 + parents: samosa + hostgroups: computers, buildd, sw-raid + bartok: address: 82.195.75.91 parents: gw-MAN-DA-debian - hostgroups: computers, syslog-ng-hosts, postfix-hosts, dl385 + hostgroups: computers, service, syslog-ng-hosts, postfix-hosts, dl385 sperger: address: 82.195.75.98 parents: gw-MAN-DA-debian - hostgroups: computers, sw-raid + hostgroups: computers, porterbox, sw-raid + agricola: + address: 82.195.75.86 + parents: gw-MAN-DA-debian + hostgroups: computers, porterbox, sw-raid + arcadelt: + address: 82.195.75.87 + parents: gw-MAN-DA-debian + 
hostgroups: computers, buildd, sw-raid + + master: + address: 70.103.162.29 + parents: gw-brainfood + hostgroups: computers, general, apache2-hosts, bind9-hosts, heavy-email + + ries: + address: 128.148.34.103 + parents: gw-brown.edu # same /24 as gw-brown.edu (128.148.34.1) + hostgroups: computers, service, apache2-hosts, bind9-hosts, ftpd-hosts, dl385, rsyncd-hosts, postgres81-hosts, heavy-email + + rietz: + address: 140.211.166.43 + parents: gw-osuosl # same /24 as gw-osuosl (140.211.166.1) + hostgroups: computers, service, apache2-hosts, bind9-hosts, rsyncd-hosts, dl385, heavy-email + rietz2: + address: 140.211.166.44 + parents: rietz + hostgroups: secondary-IPs + + villa: + address: 212.211.132.32 + parents: gw-scanplus-villa + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380 + lobos: + address: 212.211.132.250 + parents: gw-scanplus-lobos + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380 + + steffani: + address: 128.31.0.36 + parents: gw-mit-csail + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, sw-raid + + klecker: + address: 194.109.137.218 + parents: gw-xs4all + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, bind9-hosts, dl385, postgres81-hosts, heavy-email + + saens: + address: 128.101.240.212 + parents: gw-umn.edu + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380, heavy-email + + argento: + address: 195.49.152.174 + parents: gw-dg-i.net + hostgroups: computers, buildd, sw-raid + + pergolesi: + address: 62.104.23.252 + parents: gw-freenet + hostgroups: computers, porterbox, sw-raid + + raptor: + address: 195.243.109.162 + parents: gw-topalis + hostgroups: computers, porterbox + + albeniz: + address: 193.62.202.27 + parents: gw-sanger + hostgroups: computers, porterbox, sw-raid + goetz: + address: 193.62.202.26 + parents: gw-sanger + hostgroups: computers, buildd, sw-raid + + escher: + address: 213.188.99.215 + parents: gw-cst + hostgroups: computers, porterbox ############################# # 
host groups @@ -30,14 +233,35 @@ servers: hostgroups: computers: alias: computers + private: 1 routing-infrastructure: alias: Internet routers and friends + extinfo-icon_image: base/switch40.png + extinfo-icon_image_alt: router - syslog-ng-hosts: - alias: syslog-ng-hosts - private: 1 - postfix-hosts: - alias: postfix-hosts + porterbox: + alias: developer accessible porter machines + extinfo-icon_image: base/debian.png + extinfo-icon_image_alt: Debian GNU/Linux + extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s + service: + alias: machines running services + extinfo-icon_image: base/debian.png + extinfo-icon_image_alt: Debian GNU/Linux + extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s + buildd: + alias: buildd systems + extinfo-icon_image: base/debian.png + extinfo-icon_image_alt: Debian GNU/Linux + extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s + general: + alias: general purpose developer accessible machines + extinfo-icon_image: base/debian.png + extinfo-icon_image_alt: Debian GNU/Linux + extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s + + dl380: + alias: HP DL380 hosts private: 1 dl385: alias: HP DL385 hosts @@ -46,6 +270,38 @@ hostgroups: alias: Hosts with Linux software raid private: 1 + syslog-ng-hosts: + alias: hosts running syslog-ng instead of sysklogd + private: 1 + postfix-hosts: + alias: hosts running postfix instead of exim + private: 1 + heavy-email: + alias: "hosts running the full mail stuff, including clamav, SA, and greylistd" + private: 1 + apache2-hosts: + alias: hosts running apache2 + private: 1 + apache1-hosts: + alias: hosts running apache1 + private: 1 + bind9-hosts: + alias: hosts running bind9 + private: 1 + ftpd-hosts: + alias: hosts running vsftpd + private: 1 + rsyncd-hosts: + alias: hosts providing rsync services via xinetd + private: 1 + postgres81-hosts: + alias: hosts running postgres81 + private: 1 + + secondary-IPs: + alias: secondary IP addresses + private: 1 + 
############################# # services ############################# @@ -71,15 +327,43 @@ services: - name: disk usage on /boot nrpe: "/usr/lib/nagios/plugins/check_disk 60 80 /boot" - hosts: sperger + hosts: sperger, rietz, steffani, penalosa, peri, albeniz, escher, goetz - name: disk usage on /var nrpe: "/usr/lib/nagios/plugins/check_disk 50 75 /var" - hosts: bartok + hosts: bartok, samosa, raff, lobos, villa, gluck, saens, escher - name: disk usage on /org nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /org" - hosts: bartok, sperger + hosts: bartok, sperger, samosa, raff, lobos, villa, steffani, merkel, saens, pergolesi + - + name: disk usage on /srv + nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /srv" + hosts: agricola, arcadelt, argento + - + name: disk usage on /org/scratch2 + nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /org/scratch2" + hosts: merkel + - + name: disk usage on /oldorg + nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /oldorg" + hosts: merkel + - + name: disk usage on /tmp + nrpe: "/usr/lib/nagios/plugins/check_disk 60 80 /tmp" + hosts: samosa, raff, gluck, saens, escher + - + name: disk usage on /usr + nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /usr" + hosts: samosa, raff, lobos, villa, gluck, saens, pergolesi + - + name: disk usage on /home + nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /home" + hosts: gluck, raptor, escher + - + name: disk usage on /chroot + nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /chroot" + hosts: raptor ############ All Computers ############ #### @@ -166,11 +450,20 @@ services: # etch: nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u ntp -C ntpd -a '/usr/sbin/ntpd -p /var/run/ntpd.pid'" nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -C ntpd -a '/usr/sbin/ntpd -p /var/run/ntpd.pid'" hostgroups: computers + excludehosts: raptor - name: network service - ntp check: check_ntp hostgroups: computers depends: process - ntpd + excludehosts: raptor + # + - + name: network service - time 
+ check: check_time + hosts: raptor + depends: process - xinetd + ### - name: process - atd @@ -199,29 +492,90 @@ services: hostgroups: computers excludehostgroups: syslog-ng-hosts + ### MAIL STUFF ### - name: process - exim - nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u Debian-exim -C exim4 -a '/usr/sbin/exim4 -bd -q30m'" + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u Debian-exim -C exim4 -a '/usr/sbin/exim4 -bd -q'" hostgroups: computers excludehostgroups: postfix-hosts + excludehosts: master, rietz, merkel + - + name: process - exim - total + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:50 -c 1: -C exim4" + hostgroups: computers + excludehostgroups: postfix-hosts + excludehosts: master, rietz, merkel + - + name: process - exim + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:300 -c 1:500 -C exim4 -a '/usr/sbin/exim4'" + hosts: master, rietz, merkel ### - name: process - clamav - clamd nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:2 -c 1: -u clamav -C clamd -a '/usr/sbin/clamd'" - hostgroups: computers - excludehostgroups: postfix-hosts + hostgroups: heavy-email - name: service - clamav nrpe: "/usr/lib/nagios/plugins/check_clamd -H /var/run/clamav/clamd.ctl" - hostgroups: computers - excludehostgroups: postfix-hosts + hostgroups: heavy-email depends: process - clamav - clamd - name: process - clamav - freshclam nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u clamav -C freshclam -a '/usr/bin/freshclam -d --quiet'" + hostgroups: heavy-email + # + - + name: unwanted process - clamav + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C clamd" hostgroups: computers - excludehostgroups: postfix-hosts + excludehostgroups: heavy-email + - + name: unwanted process - freshclam + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C freshclam" + hostgroups: computers + excludehostgroups: heavy-email + ### + - + name: process - spamd - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C spamd -a 
'/usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir -d --pidfile=/var/run/spamd.pid'" + #hosts: samosa + hostgroups: heavy-email + excludehosts: rietz + - + name: process - spamd - child + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:6 -c 1: -C spamd -a 'spamd child'" + hostgroups: heavy-email + depends: process - spamd - master + excludehosts: rietz + # + - + name: process - spamd - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u debbugs -C spamd -a '/usr/sbin/spamd -d '" + hosts: rietz + - + name: process - spamd - child + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:6 -c 1: -u debbugs -C spamd -a 'spamd child'" + hosts: rietz + # + - + name: unwanted process - spamd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C spamd" + hostgroups: computers + excludehostgroups: heavy-email + + ### + - + name: process - greylistd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u greylist -C greylistd -a '/usr/bin/python /usr/sbin/greylistd'" + hostgroups: heavy-email + # + - + name: unwanted process - greylistd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C greylistd" + hostgroups: computers + excludehostgroups: heavy-email + ### - @@ -276,6 +630,33 @@ services: depends: process - postfix - master + ### + - + name: network service - smtp + check: check_smtp + hostgroups: postfix-hosts + depends: process - postfix - master + - + name: network service - smtp + check: check_smtp + hostgroups: computers + excludehostgroups: postfix-hosts + depends: process - exim + + + ### + - + name: process - uptimed + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u daemon -C uptimed -a '/usr/sbin/uptimed'" + hostgroups: computers + ### + - + name: process - irqbalance + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C irqbalance -a '/usr/sbin/irqbalance'" + hostgroups: computers + excludehosts: arcadelt, agricola, argento, penalosa, peri, escher + + ############ Processes/Services that only run on 
some computers ############ #### @@ -295,14 +676,194 @@ services: name: process - mdadm monitor nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C mdadm -a '/sbin/mdadm --monitor --pid-file /var/run/mdadm/monitor.pid --daemonise --scan'" hostgroups: sw-raid + - + name: RAID - sw raid + nrpe: "/usr/lib/nagios/plugins/dsa-check-raid-sw" + hostgroups: sw-raid ### - name: process - cpqarrayd nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C cpqarrayd -a '/usr/sbin/cpqarrayd'" - hostgroups: dl385 - ### + hostgroups: dl385, dl380 - name: RAID - arrayprobe nrpe: "sudo /usr/bin/arrayprobe" - hostgroups: dl385 + hostgroups: dl385, dl380 + + ### + - + name: process - slapd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:20 -c 1:50 -u openldap -C slapd -a '/usr/sbin/slapd -g openldap -u openldap'" + hosts: samosa + ### + - + name: process - udevd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C udevd -a 'udevd'" + hosts: sperger, ries, steffani, merkel, spohr, peri, penalosa, albeniz, escher + ### + - + name: process - acpid + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C acpid -a '/usr/sbin/acpid -c /etc/acpi/events -s /var/run/acpid.socket'" + hosts: ries, steffani + + ### + - + name: process - xinetd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C xinetd -a '/usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive'" + hosts: samosa, raptor + hostgroups: rsyncd-hosts + ### + - + name: network service - finger + check: check_tcp!79 + hosts: samosa + depends: process - xinetd + ### + - + name: network service - rsync + check: check_tcp!873 + hostgroups: rsyncd-hosts + depends: process - xinetd + + - + name: network service - rsync + check: check_tcp!873 + hosts: rietz2 + depends: rietz:process - xinetd + + ### + - + name: process - nagios1 + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u nagios -C nagios -a '/usr/sbin/nagios -d /etc/nagios/nagios.cfg'" + hosts: 
samosa + - + name: process - nagios3 + # it forks one instance to check, so make it -w 1:2 + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:2 -c 1: -u nagios -C nagios3 -a '/usr/sbin/nagios3 -d /etc/nagios3/nagios.cfg'" + hosts: samosa + + ### + - + name: process - apache2 - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C apache2 -a /usr/sbin/apache2" + hostgroups: apache2-hosts + - + name: process - apache2 - worker + nrpe: "/usr/lib/nagios/plugins/check_procs -w 2:50 -c 1:100 -u www-data -C apache2 -a /usr/sbin/apache2" + hostgroups: apache2-hosts + depends: process - apache2 - master + - + name: network service - http + check: check_http + hostgroups: apache2-hosts + depends: process - apache2 - master + + + + - + name: process - apache - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C apache -a /usr/sbin/apache" + hostgroups: apache1-hosts + - + name: process - apache - worker + nrpe: "/usr/lib/nagios/plugins/check_procs -w 2:75 -c 1:150 -u www-data -C apache -a /usr/sbin/apache" + hostgroups: apache1-hosts + depends: process - apache - master + - + name: network service - http + check: check_http + hostgroups: apache1-hosts + depends: process - apache - master + + - + name: network service - http keyserver + check: dsa_check_http_port!11371 + hosts: raff + depends: process - apache - master + + - + name: network service - https + check: check_https + hosts: samosa + depends: "process - apache2 - master" + normal_check_interval: 120 + notification_interval: 120 + - + name: network service - https cert + check: dsa_check_cert!443 + hosts: samosa + depends: network service - https + normal_check_interval: 240 + notification_interval: 240 + #### + - + name: process - named + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:15 -c 1: -u bind -C named -a '/usr/sbin/named -u bind'" + hostgroups: bind9-hosts + - + name: network service - dns + check: check_dns + hostgroups: bind9-hosts + depends: process - named 
+ + #### + - + name: process - vsftp - listener + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C vsftpd -a 'vsftpd: LISTENER'" + hostgroups: ftpd-hosts + - + name: process - vsftp - instance + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:10 -c 0:30 -u ftp -C vsftpd -a 'vsftpd: '" + hostgroups: ftpd-hosts + - + name: network service - ftp + check: check_ftp + hostgroups: ftpd-hosts + depends: process - vsftp - listener + + #### + - + name: process - debianqueued + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u dak -C debianqueued -a '/usr/bin/perl -w ./debianqueued'" + hosts: ries + + ### + - + name: process - postresql81 - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a '/usr/lib/postgresql/8.1/bin/postmaster -D /var/lib/postgresql/8.1/main -c config_file=/etc/postgresql/8.1/main/postgresql.conf'" + hostgroups: postgres81-hosts + - + name: process - postresql81 - writer + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a 'postgres: writer process'" + hostgroups: postgres81-hosts + depends: process - postresql81 - master + - + name: process - postresql81 - buffer + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a 'postgres: stats buffer process'" + hostgroups: postgres81-hosts + depends: process - postresql81 - master + - + name: process - postresql81 - collector + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a 'postgres: stats collector process'" + hostgroups: postgres81-hosts + depends: process - postresql81 - master + + #### + # XXX is this needed + - + name: process - snmpd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u snmp -C snmpd -a '/usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'" + hosts: lobos, villa + + ### + - + name: process - buildd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u buildd -C buildd 
-a '/usr/bin/perl /usr/bin/buildd'" + hostgroups: buildd + + ### + - + name: process - iscsid + nrpe: "/usr/lib/nagios/plugins/check_procs -w 2:2 -c 1: -u root -C iscsid -a '/usr/sbin/iscsid'" + hosts: raptor