上线的服务器有时会被人攻击,导致服务不可用,今天安装配置了nagios对上线服务器进行监控,简单记录一下

#安装必要的软件包
yum install -y gcc glibc glibc-common gd gd-devel xinetd openssl-devel
#创建nagios用户及授予目录权限
useradd -s /sbin/nologin nagios
mkdir /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios
#安装nagios
tar xf nagios-4.0.7.tar.gz
cd nagios-4.0.7
./configure --prefix=/usr/local/nagios
make all
make install && make install-init && make install-commandmode && make install-config
chkconfig --add nagios && chkconfig --level 35 nagios on && chkconfig --list nagios
#安装nagios-plugins
tar xf nagios-plugins-2.0.2.tar.gz
cd nagios-plugins-2.0.2
./configure --prefix=/usr/local/nagios
make && make install
#安装apache
tar xf httpd-2.2.23.tar.gz
cd httpd-2.2.23
./configure --prefix=/usr/local/apache2
make && make install
#安装php
tar xf php-5.5.13.tar.gz
cd php-5.5.13
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache2/bin/apxs
make && make install

接下来配置apache

#生成nagios密码文件
/usr/local/apache2/bin/htpasswd -c /usr/local/nagios/etc/htpasswd admin
vim /usr/local/apache2/conf/httpd.conf
...
User nagios
Group nagios
...
<IfModule dir_module>
    DirectoryIndex index.html index.php
</IfModule>
...
AddType application/x-httpd-php .php
...
#setting for nagios
ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"
<Directory "/usr/local/nagios/sbin">
     AuthType Basic
     Options ExecCGI
     AllowOverride None
     Order allow,deny
     Allow from all
     AuthName "Nagios Access"
     AuthUserFile /usr/local/nagios/etc/htpasswd             //用于此目录访问身份验证的文件
     Require valid-user
</Directory> Alias /nagios "/usr/local/nagios/share"
<Directory "/usr/local/nagios/share">
     AuthType Basic
     Options None
     AllowOverride None
     Order allow,deny
     Allow from all
     AuthName "nagios Access"
     AuthUserFile /usr/local/nagios/etc/htpasswd
     Require valid-user
</Directory>

启动apache

vim /etc/init.d/httpd
#!/bin/sh
#
# Startup script for the Apache Web Server
#
# chkconfig: 345 85 15
# description: Apache is a World Wide Web server.  It is used to serve \
#           HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache2/logs/httpd.pid
# config: /usr/local/apache2/conf/httpd.conf

# Source function library.
. /etc/rc.d/init.d/functions

# See how we were called.
case "$1" in
start)
echo -n "Starting httpd: "
daemon /usr/local/apache2/bin/httpd -DSSL
echo
touch /var/lock/subsys/httpd
;;
stop)
echo -n "Shutting down http: "
killproc httpd
echo
rm -f /var/lock/subsys/httpd
rm -f /usr/local/apache2/logs/httpd.pid
;;
status)
status httpd
;;
restart)
$0 stop
$0 start
;;
reload)
echo -n "Reloading httpd: "
killproc httpd -HUP
echo
;;
*)
echo "Usage: $0 {start|stop|restart|reload|status}"
exit 1
esac

exit 0

chmod +x /etc/init.d/httpd
chkconfig httpd on
/etc/init.d/httpd start

接下来配置nagios

#确保admin用户登录后有权限查看信息
vim /usr/local/nagios/etc/cgi.cfg
...
default_user_name=admin
authorized_for_system_information=nagiosadmin,admin
authorized_for_configuration_information=nagiosadmin,admin
authorized_for_system_commands=admin
authorized_for_all_services=nagiosadmin,admin
authorized_for_all_hosts=nagiosadmin,admin
authorized_for_all_service_commands=nagiosadmin,admin
authorized_for_all_host_commands=nagiosadmin,admin
...

#修改nagios主配置文件,将主机的定义都放在/usr/local/nagios/etc/hosts目录中
mkdir /usr/local/nagios/etc/hosts
vim /usr/local/nagios/etc/nagios.cfg
...
cfg_dir=/usr/local/nagios/etc/hosts
...

#添加一个自定义命令
vim /usr/local/nagios/etc/objects/command.cfg

...
# 'check_custom_http' command definition
define command{
        command_name    check_custom_http
        command_line    $USER1$/check_http -4 -N -H $ARG1$ -u $ARG2$
        }

# 'check_dns' command definition
define command{
        command_name    check_dns
        command_line    $USER1$/check_dns -v -H $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$
        }
...

#定义主机组
vim /usr/local/nagios/etc/hosts/group.cfg

define hostgroup{
        hostgroup_name    groupname1
        alias               groupname1
        members             server1 #server1必须在/etc/hosts里有对应的映射
}

#定义主机server1
vim /usr/local/nagios/etc/hosts/server1.cfg

define host{
        use                     linux-server
        host_name               server1
        alias                   server1
        address                 xx.xx.xx.xx
        notification_period     24x7
}
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             PING
        check_command                   check_ping!100.0,20%!500.0,60% ; 延时100ms丢包率大于20%时,则发出警告通知; 延时500ms丢包率大于60%时,则发出严重错误通知
}
;需要做好本机使用的DNS设置,在/etc/resolv.conf文件中定义
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             DNS
        check_command                   check_dns!xxx.test.com!xx.xx.xx.xx!4!10 ;连续解析域名发生4次错误,则发出警告通知;连续解析域名发生10次错误,则发出严重错误通知;
}
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             HTTP
        check_command                   check_custom_http!xxx.abc.com!/somepath/path1  ;注意这里的参数要以!分隔
}
define service{
        use                             local-service         ; Name of service template to use
        host_name                       server1
        service_description             SSH
        check_command                   check_ssh
}

#配置监控出现问题时要通知的联系人
vim /usr/local/nagios/etc/objects/contacts.cfg

define contact{
        contact_name                    user1                ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           user1                ; Full name of user

        email                           user1@abc.com  ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
        }

define contact{
        contact_name                    user2                ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           user2                ; Full name of user

        email                           user2@abc.com  ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
        }

 define contactgroup{
        contactgroup_name       admins
        alias                   Nagios Administrators
        members                 user1,user2
        }

重启nagios

/etc/init.d/nagios restart

刚才发现nagios监控到服务器异常也没有发邮件通知,查了一下,还需要配置mail命令可发送邮件

yum install mail
vim /etc/mail.rc
...
set from=abc-noreply@abc.com
set smtp=smtp.abc.com
set smtp-auth-user=abc-noreply@abc.com
set smtp-auth-password=somepwd
set smtp-auth=login
...