Nagios Logo NSCA allows the sending of results directly to the Nagios external command pipe. It consists of two parts: the daemon and the client. The part responsible for receiving check results and passing them to Nagios is the daemon. The daemon listens on a specific TCP port for NSCA clients passing information. It accepts and authenticates incoming connections and passes these results to the Nagios external command pipe. All information is encrypted using the MCrypt library.

In this post I will cover installation & configuration of the NSCA daemon & client and configuring Nagios to process the received messages. I will also cover writing a script to check the status of a service and testing this, and then latter putting this into the root crontab so that this script is executed every 5 minutes.

Nagios Service Check Acceptor

NSCA Daemon

Nagios Service Check Acceptor, more commonly know as NSCA, is the daemon that runs on the Nagios server, listening for messages from hosts that your Nagios server monitors. With no more fluff, let us install it and see what it tells us about itself.

# pkg install nsca
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 2 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	nsca: 2.9.2_1
	libmcrypt: 2.5.8_3

Number of packages to be installed: 2

149 KiB to be downloaded.

Proceed with this action? [y/N]: y
[1/2] Fetching nsca-2.9.2_1.txz: 100%   29 KiB  30.0kB/s    00:01    
[2/2] Fetching libmcrypt-2.5.8_3.txz: 100%  120 KiB 122.9kB/s    00:01    
Checking integrity... done (0 conflicting)
[1/2] Installing libmcrypt-2.5.8_3...
[1/2] Extracting libmcrypt-2.5.8_3: 100%
[2/2] Installing nsca-2.9.2_1...
[2/2] Extracting nsca-2.9.2_1: 100%
=====
Message from nsca-2.9.2_1:

--
This port includes only the server part of NSCA ("nsca").
If you need the "send_nsca" utility install the net-mgmt/nsca-client port.

The default configuration file is installed at:
/usr/local/etc/nagios/nsca.cfg-sample

NSCA Client & Nagios Plugins

The NSCA client that is run on the hosts that Nagios monitors is installed as follows. It is also a good time to install the Nagios Plugins so that we can use these later as checks. Check the output for any interesting information.

# pkg install nsca-client nagios-plugins
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 4 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	nsca-client: 2.9.2_1
	nagios-plugins: 2.3.1,1
	libmcrypt: 2.5.8_3
	perl5: 5.30.1

Number of packages to be installed: 4

The process will require 62 MiB more space.
14 MiB to be downloaded.

Proceed with this action? [y/N]: y
[1/4] Fetching nsca-client-2.9.2_1.txz: 100%   23 KiB  23.3kB/s    00:01    
[2/4] Fetching nagios-plugins-2.3.1,1.txz: 100%  411 KiB 140.2kB/s    00:03    
[3/4] Fetching libmcrypt-2.5.8_3.txz: 100%  120 KiB 122.9kB/s    00:01    
[4/4] Fetching perl5-5.30.1.txz: 100%   14 MiB 180.7kB/s    01:21    
Checking integrity... done (0 conflicting)
[1/4] Installing libmcrypt-2.5.8_3...
[1/4] Extracting libmcrypt-2.5.8_3: 100%
[2/4] Installing perl5-5.30.1...
[2/4] Extracting perl5-5.30.1: 100%
[3/4] Installing nsca-client-2.9.2_1...
[3/4] Extracting nsca-client-2.9.2_1: 100%
[4/4] Installing nagios-plugins-2.3.1,1...
[4/4] Extracting nagios-plugins-2.3.1,1: 100%
=====
Message from perl5-5.30.1:

--
The /usr/bin/perl symlink has been removed starting with Perl 5.20.
For shebangs, you should either use:

#!/usr/local/bin/perl

or

#!/usr/bin/env perl

The first one will only work if you have a /usr/local/bin/perl,
the second will work as long as perl is in PATH.
=====
Message from nsca-client-2.9.2_1:

--
This port installs only the client part of NSCA ("send_nsca").
If you need the nsca daemon install the net-mgmt/nsca port.

The default configuration file is installed at:
/usr/local/etc/nagios/send_nsca.cfg-sample

Create the Configuration files for the Daemon and the Client.

What the output above does not tell you, is that the default configuration files that it lists are not in fact the default configuration files. The are only samples that need to be copied into place such as with other Nagios configuration files. Here I will just cat the configuration files to show what I have entered.

# cat /usr/local/etc/nagios/nsca.cfg
log_facility=daemon
pid_file=/var/run/nsca.pid
server_port=5667
nsca_user=nagios
nsca_group=nagios
debug=1
command_file=/var/spool/nagios/rw/nagios.cmd
alternate_dump_file=/var/spool/nagios/rw/nsca.dump
aggregate_writes=0
append_to_file=0
max_packet_age=30
password="secret"
decryption_method=8

On the NSCA client, we need to match the password and encryption directives.

# cat /usr/local/etc/nagios/send_nsca.cfg
password="secret"
encryption_method=8

I have set debug=1 whilst we set up NSCA, however you will probably want to turn this off by setting debug=0 when you have verified everything is working as it should be.

All that is left to do for the NSCA daemon is to enable it under /etc/rc.conf on the server and start the daemon.

# echo 'nsca_enable="YES"' >> /etc/rc.conf
# service nsca start

Setup Nagios to Receive NSCA Messages

We now go on to define a host and service on the Nagios server so we can handle messages later.

First we setup a directory for our servers, this is done with the mkdir command and un-commenting the #cfg_dir=/usr/local/etc/nagios/servers line in the nagios.cfg file.

# mkdir /usr/local/etc/nagios/servers
# vi /usr/local/etc/nagios/nagios.cfg
cfg_dir=/usr/local/etc/nagios/servers

Now we create our host and service configuration files. Using the hostname for the host.cfg file, which in my case is freebsd120.cfg.

# cat /usr/local/etc/nagios/servers/freebsd120.cfg
define host {
    use                     freebsd-server          
    host_name               freebsd120
    alias                   test-server
    address                 192.168.100.137
}

And now the services.cfg file.

# cat /usr/local/etc/nagios/servers/services.cfg
define service{
    use                     passive_service
    service_description     Nagios Service Status
    host_name               freebsd120
}

We still have two more files to create, the templates.cfg which defines the passive_service and the commands.cfg which is a dependency of the templates.cfg.

# cat /usr/local/etc/nagios/servers/templates.cfg
define service{
        use                             generic-service
        name                            passive_service
        active_checks_enabled           0
        passive_checks_enabled          1
        flap_detection_enabled          1
        register                        0
        is_volatile                     0
        check_period                    24x7
        max_check_attempts              1
        normal_check_interval           5
        retry_check_interval            1
        check_freshness                 1
        freshness_threshold             360
        contact_groups                  admins
        check_command                   check_dummy!2!"Service is STALE!"
        notification_interval           120
        notification_period             24x7
        notification_options            w,u,c,r
        stalking_options                w,c,u
        }

The check_dummy command is a helper command to alert Nagios that the host has not sent a message in the required time.

# cat /usr/local/etc/nagios/servers/commands.cfg
define command{
        command_name    check_dummy
        command_line    $USER1$/check_dummy '$ARG1$' '$ARG2$'
        }

Restart Nagios & Start NSCA

# service nagios restart

That is all the configuration done. We next move on to test the server and client with a script that will check whether the Nagios service is running and will forward the results as a message to the NSCA daemon.

Create a Check Nagios shell script

If you read through this script it is pretty self explanatory. However, it is important to note, that in the line that starts with #!/bin/echo, from $HOST to the Pipe sign, we use Tabs, to separate the parts of the message.

# cat /usr/local/etc/nagios/nsca-checks/check_disk.sh
#!/bin/sh

SERVICE="Disk Usage"

NAGIOS="alpha.pbdigital.org"
HOST=`/bin/hostname`

MESSAGE=`/usr/local/libexec/nagios/check_disk -w 20% -c 10% -p /`
STATUS=`echo $MESSAGE | awk '{ print $2 }'`

if [ $STATUS = "OK"  ]
  then
    STATE=0
  elif [ $STATUS = "WARNING"  ]
  then
    STATE=1
  else
    STATE=2
fi

/bin/echo "$HOST	$SERVICE	$STATE	Disk Usage - $MESSAGE" | /usr/local/sbin/send_nsca -H $NAGIOS -c /usr/local/etc/nagios/send_nsca.cfg

Go ahead and make this file executable and fire it off. You should receive a response as:

# /usr/local/etc/nagios/nsca-checks/check_disk.sh
1 data packet(s) sent to host successfully

Common Problems

If the response says that 0 data object(s) were sent, then you most likely have spaces instead of tabs in your echo command, in the script.

If no data is getting through to Nagios, check the logs in /var/log/messages. If you encounter the message below, a reboot resolved this issue for me.

nsca[20925]: Received invalid packet type/version from client - possibly due to client using wrong password or crypto algorithm?

Setup Crontab to Schedule these Scripts

Now we can edit our root crontab file as below, so that these scripts fire off every 5 minutes. For more info on crontab view the FreeBSD Documentation.

# crontab -e
SHELL=/bin/sh
PATH=/bin:/sbin:/usr/bin:/usr/sbin
HOME=/var/log

*/5    *       *       *       *       /usr/local/etc/nagios/nsca-checks/check_disk.sh > /dev/null

You should verify that all went well with crontab -l or if you prefer, you can view the root crontab at /var/cron/tabs/root.

Now that we have all this configured, Nagios will receive messages from the client every 5 minutes and Nagios will update its web interface, where you can view the results.

Wrapping Up

Now is a good time to monitor what happens when a service fails on the Nagios web interface and also in your email client if you have set up email notifications correctly. Oh, and don’t forget to set debug=0 if you have not already, when you are done verifying operation.