X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=nagios-master.cfg;h=5cdbe4f3f7d2de12c30c70cf687132ef7dd9aafa;hb=7d2f3572b9f82403657f90c543835c04a5597628;hp=694cebd660b99ce8db05677aa964cbcd449fcd60;hpb=8913ee7cc9c54ba791e8fff0cd872a83f3cf6310;p=mirror%2Fdsa-nagios.git diff --git a/nagios-master.cfg b/nagios-master.cfg index 694cebd..5cdbe4f 100644 --- a/nagios-master.cfg +++ b/nagios-master.cfg @@ -3,6 +3,43 @@ # Strings ought to be in double quotes, but it works in most cases if they aren't :) # # vim:set syntax=yaml: + +# TODO +# - raff: identd, hpasmd +# - spohr: hpasmd +# - *: mailq +# - *: check munin stats collection works +# - *: check backups are successful +# - *: unwanted: network: auth, discard, daytime, time (on some), cvs-pserver, rsync (on some), ftp (on some), http (on some) +# - goetz: gmond/gmetad +# - verdi: pg upgrade, openvpn +# - mundy: salinfo_decode +# - +# - agnesi +# - casals +# - crest +# - elara +# - europa +# - kassia +# - kullervo +# - lebrun +# - liszt +# - murphy +# - paer +# - piatti +# - puccini +# - spontini +# - tartini +#sarge: +# - caballero + +# down: +# - ravel +# - sarti +# - goedel +# - leisner +# - schulz + --- ############################# # hosts @@ -18,25 +55,211 @@ servers: hostgroups: routing-infrastructure gw-brainfood: address: 70.103.162.1 - parents: samosa + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-brown.edu: + address: 128.148.34.1 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-osuosl: + address: 140.211.166.1 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-scanplus-villa: + address: 212.211.132.1 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-scanplus-lobos: + address: 212.211.132.249 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-mit-csail: + address: 128.30.0.254 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-xs4all: + address: 194.109.137.217 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-umn.edu: + address: 128.101.240.222 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-dg-i.net: + address: 195.49.152.190 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-freenet: + address: 62.104.23.249 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-topalis: + address: 195.243.109.254 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-sanger: + address: 193.62.202.18 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-cst: + address: 213.188.99.215 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-lrz: + address: 129.187.0.150 + parents: gw-HP-ftc + hostgroups: routing-infrastructure + gw-frost: + address: 130.81.242.195 + parents: gw-HP-ftc hostgroups: routing-infrastructure samosa: address: 192.25.206.57 - hostgroups: computers, dl380, apache2-hosts, bind9-hosts + hostgroups: computers, service, dl380, apache2-hosts, bind9-hosts, heavy-email + raff: + address: 192.25.206.59 + parents: samosa + hostgroups: computers, service, dl380, apache1-hosts, bind9-hosts, rsyncd-hosts, heavy-email + gluck: + address: 192.25.206.10 + parents: samosa + hostgroups: computers, general, dl380, apache1-hosts, bind9-hosts, rsyncd-hosts, heavy-email + merkel: + address: 192.25.206.16 + parents: samosa + hostgroups: computers, general, apache1-hosts, bind9-hosts, rsyncd-hosts, sw-raid, postgres81-hosts, heavy-email + spohr: + address: 192.25.206.33 + parents: samosa + hostgroups: computers, service, dl380, apache2-hosts, postgres81-hosts + peri: + address: 192.25.206.15 + parents: samosa + hostgroups: computers, buildd, sw-raid + penalosa: + address: 192.25.206.68 + parents: samosa + hostgroups: computers, buildd, sw-raid + mundy: + address: 192.25.206.62 + parents: samosa + hostgroups: computers, buildd bartok: address: 82.195.75.91 parents: gw-MAN-DA-debian - hostgroups: computers, syslog-ng-hosts, postfix-hosts, dl385 + hostgroups: computers, service, syslog-ng-hosts, postfix-hosts, dl385 sperger: address: 82.195.75.98 parents: gw-MAN-DA-debian hostgroups: computers, porterbox, sw-raid + agricola: + address: 82.195.75.86 + parents: gw-MAN-DA-debian + hostgroups: computers, porterbox, sw-raid + arcadelt: + address: 82.195.75.87 + parents: gw-MAN-DA-debian + hostgroups: computers, buildd, sw-raid master: address: 70.103.162.29 - hostgroups: computers, apache2-hosts, bind9-hosts + parents: gw-brainfood + hostgroups: computers, general, apache2-hosts, bind9-hosts, heavy-email + + ries: + address: 128.148.34.103 + parents: gw-brown.edu + hostgroups: computers, service, apache2-hosts, bind9-hosts, ftpd-hosts, dl385, rsyncd-hosts, postgres81-hosts, heavy-email + + mayer: + address: 140.211.166.78 + parents: gw-osuosl + hostgroups: computers, buildd + mayr: + address: 140.211.166.58 + parents: gw-osuosl + hostgroups: computers, buildd + malo: + address: 140.211.166.27 + parents: gw-osuosl + hostgroups: computers, buildd + rietz: + address: 140.211.166.43 + parents: gw-osuosl + hostgroups: computers, service, apache2-hosts, bind9-hosts, rsyncd-hosts, dl385, heavy-email + rietz2: + address: 140.211.166.44 + parents: rietz + hostgroups: secondary-IPs + + villa: + address: 212.211.132.32 + parents: gw-scanplus-villa + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380 + lobos: + address: 212.211.132.250 + parents: gw-scanplus-lobos + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380 + + steffani: + address: 128.31.0.36 + parents: gw-mit-csail + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, sw-raid + + klecker: + address: 194.109.137.218 + parents: gw-xs4all + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, bind9-hosts, dl385, postgres81-hosts, heavy-email + + saens: + address: 128.101.240.212 + parents: gw-umn.edu + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, dl380, heavy-email + + argento: + address: 195.49.152.174 + parents: gw-dg-i.net + hostgroups: computers, buildd, sw-raid + + pergolesi: + address: 62.104.23.252 + parents: gw-freenet + hostgroups: computers, porterbox, sw-raid + bruckner: + address: 62.104.23.253 + parents: gw-freenet + hostgroups: computers, porterbox + + raptor: + address: 195.243.109.162 + parents: gw-topalis + hostgroups: computers, porterbox + + albeniz: + address: 193.62.202.27 + parents: gw-sanger + hostgroups: computers, porterbox, sw-raid + goetz: + address: 193.62.202.26 + parents: gw-sanger + hostgroups: computers, buildd, sw-raid + + escher: + address: 213.188.99.215 + parents: gw-cst + hostgroups: computers, porterbox + + verdi: + address: 192.54.42.193 + parents: gw-lrz + hostgroups: computers, service, apache2-hosts, ftpd-hosts, rsyncd-hosts, postgres81-hosts, postfix-hosts + + voltaire: + address: 72.66.115.54 + parents: gw-frost + hostgroups: computers, buildd ############################# # host groups @@ -54,7 +277,22 @@ hostgroups: extinfo-icon_image_alt: router porterbox: - alias: developer accessible porter machien + alias: developer accessible porter machines + extinfo-icon_image: base/debian.png + extinfo-icon_image_alt: Debian GNU/Linux + extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s + service: + alias: machines running services + extinfo-icon_image: base/debian.png + extinfo-icon_image_alt: Debian GNU/Linux + extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s + buildd: + alias: buildd systems + extinfo-icon_image: base/debian.png + extinfo-icon_image_alt: Debian GNU/Linux + extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s + general: + alias: general purpose developer accessible machines extinfo-icon_image: base/debian.png extinfo-icon_image_alt: Debian GNU/Linux extinfo-notes_url: http://db.debian.org/machines.cgi?host=%s @@ -75,12 +313,31 @@ hostgroups: postfix-hosts: alias: hosts running postfix instead of exim private: 1 + heavy-email: + alias: "hosts running the full mail stuff, including clamav, SA, and greylistd" + private: 1 apache2-hosts: alias: hosts running apache2 private: 1 + apache1-hosts: + alias: hosts running apache1 + private: 1 bind9-hosts: alias: hosts running bind9 private: 1 + ftpd-hosts: + alias: hosts running vsftpd + private: 1 + rsyncd-hosts: + alias: hosts providing rsync services via xinetd + private: 1 + postgres81-hosts: + alias: hosts running postgres81 + private: 1 + + secondary-IPs: + alias: secondary IP addresses + private: 1 ############################# # services @@ -107,23 +364,47 @@ services: - name: disk usage on /boot nrpe: "/usr/lib/nagios/plugins/check_disk 60 80 /boot" - hosts: sperger + hosts: sperger, rietz, steffani, penalosa, peri, albeniz, escher, goetz, mayer, mayr - name: disk usage on /var nrpe: "/usr/lib/nagios/plugins/check_disk 50 75 /var" - hosts: bartok, samosa + hosts: bartok, samosa, raff, lobos, villa, gluck, saens, escher, voltaire - name: disk usage on /org nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /org" - hosts: bartok, sperger, samosa + hosts: bartok, sperger, samosa, raff, lobos, villa, steffani, merkel, saens, pergolesi, verdi + - + name: disk usage on /srv + nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /srv" + hosts: agricola, arcadelt, argento + - + name: disk usage on /org/scratch2 + nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /org/scratch2" + hosts: merkel + - + name: disk usage on /oldorg + nrpe: "/usr/lib/nagios/plugins/check_disk 80 90 /oldorg" + hosts: merkel - name: disk usage on /tmp nrpe: "/usr/lib/nagios/plugins/check_disk 60 80 /tmp" - hosts: samosa + hosts: samosa, raff, gluck, saens, escher - name: disk usage on /usr nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /usr" - hosts: samosa + hosts: samosa, raff, lobos, villa, gluck, saens, pergolesi + - + name: disk usage on /home + nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /home" + hosts: gluck, raptor, escher, voltaire + - + name: disk usage on /chroot + nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /chroot" + hosts: raptor + - + name: disk usage on /mnt/hdc + nrpe: "/usr/lib/nagios/plugins/check_disk 75 90 /mnt/hdc" + hosts: voltaire ############ All Computers ############ #### @@ -210,11 +491,20 @@ services: # etch: nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u ntp -C ntpd -a '/usr/sbin/ntpd -p /var/run/ntpd.pid'" nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -C ntpd -a '/usr/sbin/ntpd -p /var/run/ntpd.pid'" hostgroups: computers + excludehosts: raptor - name: network service - ntp check: check_ntp hostgroups: computers depends: process - ntpd + excludehosts: raptor + # + - + name: network service - time + check: check_time + hosts: raptor + depends: process - xinetd + ### - name: process - atd @@ -250,43 +540,83 @@ services: nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u Debian-exim -C exim4 -a '/usr/sbin/exim4 -bd -q'" hostgroups: computers excludehostgroups: postfix-hosts - excludehosts: master + excludehosts: master, rietz, merkel + - + name: process - exim - total + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:50 -c 1: -C exim4" + hostgroups: computers + excludehostgroups: postfix-hosts + excludehosts: master, rietz, merkel - name: process - exim nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:300 -c 1:500 -C exim4 -a '/usr/sbin/exim4'" - hosts: master + hosts: master, rietz, merkel ### - name: process - clamav - clamd nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:2 -c 1: -u clamav -C clamd -a '/usr/sbin/clamd'" - hostgroups: computers - excludehostgroups: postfix-hosts + hostgroups: heavy-email - name: service - clamav nrpe: "/usr/lib/nagios/plugins/check_clamd -H /var/run/clamav/clamd.ctl" - hostgroups: computers - excludehostgroups: postfix-hosts + hostgroups: heavy-email depends: process - clamav - clamd - name: process - clamav - freshclam nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u clamav -C freshclam -a '/usr/bin/freshclam -d --quiet'" + hostgroups: heavy-email + # + - + name: unwanted process - clamav + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C clamd" hostgroups: computers - excludehostgroups: postfix-hosts + excludehostgroups: heavy-email + - + name: unwanted process - freshclam + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C freshclam" + hostgroups: computers + excludehostgroups: heavy-email ### - name: process - spamd - master nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C spamd -a '/usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir -d --pidfile=/var/run/spamd.pid'" - hosts: samosa + #hosts: samosa + hostgroups: heavy-email + excludehosts: rietz - name: process - spamd - child nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:6 -c 1: -C spamd -a 'spamd child'" - hosts: samosa + hostgroups: heavy-email depends: process - spamd - master + excludehosts: rietz + # + - + name: process - spamd - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u debbugs -C spamd -a '/usr/sbin/spamd -d '" + hosts: rietz + - + name: process - spamd - child + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:6 -c 1: -u debbugs -C spamd -a 'spamd child'" + hosts: rietz + # + - + name: unwanted process - spamd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C spamd" + hostgroups: computers + excludehostgroups: heavy-email + ### - name: process - greylistd nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u greylist -C greylistd -a '/usr/bin/python /usr/sbin/greylistd'" - hosts: samosa + hostgroups: heavy-email + # + - + name: unwanted process - greylistd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C greylistd" + hostgroups: computers + excludehostgroups: heavy-email + ### - @@ -341,14 +671,60 @@ services: depends: process - postfix - master + ### + - + name: network service - smtp + check: check_smtp + hostgroups: postfix-hosts + depends: process - postfix - master + - + name: network service - smtp + check: check_smtp + hostgroups: computers + excludehostgroups: postfix-hosts + depends: process - exim + ### - name: process - uptimed nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u daemon -C uptimed -a '/usr/sbin/uptimed'" hostgroups: computers + ### + - + name: process - irqbalance + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C irqbalance -a '/usr/sbin/irqbalance'" + hostgroups: computers + excludehosts: arcadelt, agricola, argento, penalosa, peri, escher, bruckner + #### + ### + - + name: unwanted process - system-tools-backends + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C system-tools-ba" + hostgroups: computers + - + name: unwanted process - dbus-daemon + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C dbus-daemon" + hostgroups: computers + - + name: unwanted process - gkrellmd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C gkrellmd" + hostgroups: computers + - + name: unwanted process - portmap + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C portmap" + hostgroups: computers + - + name: unwanted process - rpc.statd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C rpc.statd" + hostgroups: computers + - + name: unwanted process - inetd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C inetd" + hostgroups: computers + ############ Processes/Services that only run on some computers ############ #### @@ -388,17 +764,48 @@ services: name: process - slapd nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:20 -c 1:50 -u openldap -C slapd -a '/usr/sbin/slapd -g openldap -u openldap'" hosts: samosa + ### + - + name: process - udevd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C udevd -a 'udevd'" + hosts: sperger, ries, steffani, merkel, spohr, peri, penalosa, albeniz, escher, verdi + ### + - + name: process - acpid + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C acpid -a '/usr/sbin/acpid -c /etc/acpi/events -s /var/run/acpid.socket'" + hosts: ries, steffani + ### - name: process - xinetd nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C xinetd -a '/usr/sbin/xinetd -pidfile /var/run/xinetd.pid -stayalive'" - hosts: samosa + hosts: samosa, raptor + hostgroups: rsyncd-hosts + - + name: unwanted process - xinetd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C xinetd" + hostgroups: computers + excludehosts: samosa, raptor + excludehostgroups: rsyncd-hosts ### - name: network service - finger check: check_tcp!79 hosts: samosa depends: process - xinetd + ### + - + name: network service - rsync + check: check_tcp!873 + hostgroups: rsyncd-hosts + depends: process - xinetd + + - + name: network service - rsync + check: check_tcp!873 + hosts: rietz2 + depends: rietz:process - xinetd + ### - name: process - nagios1 @@ -425,6 +832,30 @@ services: check: check_http hostgroups: apache2-hosts depends: process - apache2 - master + + + + - + name: process - apache - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C apache -a /usr/sbin/apache" + hostgroups: apache1-hosts + - + name: process - apache - worker + nrpe: "/usr/lib/nagios/plugins/check_procs -w 2:75 -c 1:150 -u www-data -C apache -a /usr/sbin/apache" + hostgroups: apache1-hosts + depends: process - apache - master + - + name: network service - http + check: check_http + hostgroups: apache1-hosts + depends: process - apache - master + + - + name: network service - http keyserver + check: dsa_check_http_port!11371 + hosts: raff + depends: process - apache - master + - name: network service - https check: check_https @@ -449,3 +880,75 @@ services: check: check_dns hostgroups: bind9-hosts depends: process - named + - + name: unwanted process - named + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:0 -C named'" + hostgroups: computers + excludehostgroups: bind9-hosts + + #### + - + name: process - vsftp - listener + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u root -C vsftpd -a 'vsftpd: LISTENER'" + hostgroups: ftpd-hosts + - + name: process - vsftp - instance + nrpe: "/usr/lib/nagios/plugins/check_procs -w 0:30 -c 0:50 -u ftp -C vsftpd -a 'vsftpd: '" + hostgroups: ftpd-hosts + - + name: network service - ftp + check: check_ftp + hostgroups: ftpd-hosts + depends: process - vsftp - listener + + #### + - + name: process - debianqueued + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u dak -C debianqueued -a '/usr/bin/perl -w ./debianqueued'" + hosts: ries + + ### + - + name: process - postresql81 - master + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a '/usr/lib/postgresql/8.1/bin/postmaster -D /var/lib/postgresql/8.1/main -c config_file=/etc/postgresql/8.1/main/postgresql.conf'" + hostgroups: postgres81-hosts + - + name: process - postresql81 - writer + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a 'postgres: writer process'" + hostgroups: postgres81-hosts + depends: process - postresql81 - master + - + name: process - postresql81 - buffer + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a 'postgres: stats buffer process'" + hostgroups: postgres81-hosts + depends: process - postresql81 - master + - + name: process - postresql81 - collector + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u postgres -C postmaster -a 'postgres: stats collector process'" + hostgroups: postgres81-hosts + depends: process - postresql81 - master + + #### + # XXX is this needed + - + name: process - snmpd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -u snmp -C snmpd -a '/usr/sbin/snmpd -Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid 127.0.0.1'" + hosts: lobos, villa + + ### + - + name: process - buildd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u buildd -C buildd '/usr/bin/perl /usr/bin/buildd'" + hostgroups: buildd + + ### + - + name: process - iscsid + nrpe: "/usr/lib/nagios/plugins/check_procs -w 2:2 -c 1: -u root -C iscsid '/usr/sbin/iscsid'" + hosts: raptor + + ### + - + name: process - tftpd + nrpe: "/usr/lib/nagios/plugins/check_procs -w 1:1 -c 1: -u root -C in.tftpd -a '/usr/sbin/in.tftpd -l -B 1450 -s /var/lib/tftpboot'" + hosts: malo