Icinga

Monitoring Publicly Available Services

Introduction

This document describes how you can monitor publicly available services, applications and protocols. By "public" we mean services that are accessible across the network - either the local network or the greater Internet. Examples of public services include HTTP, POP3, IMAP, FTP, and SSH. There are many more public services that you probably use on a daily basis. These services and applications, as well as their underlying protocols, can usually be monitored by Icinga without any special access requirements.

Private services, in contrast, cannot be monitored with Icinga without an intermediary agent of some kind. Examples of private services associated with hosts are things like CPU load, memory usage, disk usage, current user count, process information, etc. These private services or attributes of hosts are not usually exposed to external clients. This situation requires that an intermediary monitoring agent be installed on any host that you need to monitor such information on. More information on monitoring private services on different types of hosts can be found in the documentation on:

[Tip] Tip

Occasionally you will find that information on private services and applications can be monitored with SNMP. The SNMP agent allows you to remotely monitor otherwise private (and inaccessible) information about the host. For more information about monitoring services using SNMP, check out the documentation on monitoring switches and routers.

[Note] Note

These instructions assume that you've installed Icinga according to the quickstart guide. The sample configuration entries below reference objects that are defined in the sample commands.cfg and localhost.cfg config files.

Plugins for Monitoring Services

When you find yourself needing to monitor a particular application, service, or protocol, chances are good that a plugin exists to monitor it. The official Nagios plugins distribution comes with plugins that can be used to monitor a variety of services and protocols. There are also a large number of contributed plugins that can be found in the contrib/ subdirectory of the plugin distribution. The MonitoringExchange.org website hosts a number of additional plugins that have been written by users, so check it out when you have a chance.

If you don't happen to find an appropriate plugin for monitoring what you need, you can always write your own. Plugins are easy to write, so don't let this thought scare you off. Read the documentation on developing plugins for more information.

We'll walk you through monitoring some basic services that you'll probably use sooner or later. Each of these services can be monitored using one of the plugins that gets installed as part of the Nagios plugins distribution. Let's get started...

Creating a Host Definition

Before you can monitor a service, you first need to define a host that is associated with the service. You can place host definitions in any object configuration file specified by a cfg_file directive or placed in a directory specified by a cfg_dir directive. If you have already created a host definition, you can skip this step.

For this example, lets say you want to monitor a variety of services on a remote host. Let's call that host remotehost. The host definition can be placed in its own file or added to an already exiting object configuration file. Here's what the host definition for remotehost might look like:

 define host{
        use             generic-host            ; Inherit default values from a template
        host_name       remotehost              ; The name we're giving to this host
        alias           Some Remote Host        ; A longer name associated with the host
        address         192.168.1.50            ; IP address of the host
        hostgroups      allhosts                ; Host groups this host is associated with
        }

Now that a definition has been added for the host that will be monitored, we can start defining services that should be monitored. As with host definitions, service definitions can be placed in any object configuration file.

Creating Service Definitions

For each service you want to monitor, you need to define a service in Icinga that is associated with the host definition you just created. You can place service definitions in any object configuration file specified by a cfg_file directive or placed in a directory specified by a cfg_dir directive.

Some example service definitions for monitoring common public service (HTTP, FTP, etc) are given below.

Monitoring HTTP

Chances are you're going to want to monitor web servers at some point - either yours or someone else's. The check_http plugin is designed to do just that. It understands the HTTP protocol and can monitor response time, error codes, strings in the returned HTML, server certificates, and much more.

The commands.cfg file contains a command definition for using the check_http plugin. It looks like this:

 define command{
        name            check_http
        command_name    check_http
        command_line    $USER1$/check_http -I $HOSTADDRESS$ $ARG1$
        }

A simple service definition for monitoring the HTTP service on the remotehost machine might look like this:

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     HTTP
        check_command           check_http
        }

This simple service definition will monitor the HTTP service running on remotehost. It will produce alerts if the web server doesn't respond within 10 seconds or if it returns HTTP errors codes (403, 404, etc.). That's all you need for basic monitoring. Pretty simple, huh?

[Tip] Tip

For more advanced monitoring, run the check_http plugin manually with --help as a command-line argument to see all the options you can give the plugin. This --help syntax works with all of the plugins we'll cover in this document.

A more advanced definition for monitoring the HTTP service is shown below. This service definition will check to see if the /download/index.php URI contains the string "latest-version.tar.gz". It will produce an error if the string isn't found, the URI isn't valid, or the web server takes longer than 5 seconds to respond.

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     Product Download Link
        check_command           check_http!-u /download/index.php -t 5 -s "latest-version.tar.gz"
        }

Monitoring FTP

When you need to monitor FTP servers, you can use the check_ftp plugin. The commands.cfg file contains a command definition for using the check_ftp plugin, which looks like this:

 define command{
        command_name    check_ftp
        command_line    $USER1$/check_ftp -H $HOSTADDRESS$ $ARG1$
        }

A simple service definition for monitoring the FTP server on remotehost would look like this:

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     FTP
        check_command           check_ftp
        }

This service definition will monitor the FTP service and generate alerts if the FTP server doesn't respond within 10 seconds.

A more advanced service definition is shown below. This service will check the FTP server running on port 1023 on remotehost. It will generate an alert if the server doesn't respond within 5 seconds or if the server response doesn't contain the string "Pure-FTPd [TLS]".

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     Special FTP 
        check_command           check_ftp!-p 1023 -t 5 -e "Pure-FTPd [TLS]"
        }

Monitoring SSH

When you need to monitor SSH servers, you can use the check_ssh plugin. The commands.cfg file contains a command definition for using the check_ssh plugin, which looks like this:

 define command{
        command_name    check_ssh
        command_line    $USER1$/check_ssh $ARG1$ $HOSTADDRESS$
        }

A simple service definition for monitoring the SSH server on remotehost would look like this:

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     SSH
        check_command           check_ssh
        }

This service definition will monitor the SSH service and generate alerts if the SSH server doesn't respond within 10 seconds.

A more advanced service definition is shown below. This service will check the SSH server and generate an alert if the server doesn't respond within 5 seconds or if the server version string string doesn't match "OpenSSH_4.2".

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     SSH Version Check 
        check_command           check_ssh!-t 5 -r "OpenSSH_4.2"
        }

Monitoring SMTP

The check_smtp plugin can be using for monitoring your email servers. The commands.cfg file contains a command definition for using the check_smtp plugin, which looks like this:

 define command{
        command_name    check_smtp
        command_line    $USER1$/check_smtp -H $HOSTADDRESS$ $ARG1$
        }

A simple service definition for monitoring the SMTP server on remotehost would look like this:

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     SMTP
        check_command           check_smtp
        }

This service definition will monitor the SMTP service and generate alerts if the SMTP server doesn't respond within 10 seconds.

A more advanced service definition is shown below. This service will check the SMTP server and generate an alert if the server doesn't respond within 5 seconds or if the response from the server doesn't contain "mygreatmailserver.com".

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     SMTP Response Check 
        check_command           check_smtp!-t 5 -e "mygreatmailserver.com"
        }

Monitoring POP3

The check_pop plugin can be using for monitoring the POP3 service on your email servers. The commands.cfg file contains a command definition for using the check_pop plugin, which looks like this:

 define command{
        command_name    check_pop
        command_line    $USER1$/check_pop -H $HOSTADDRESS$ $ARG1$
        }

A simple service definition for monitoring the POP3 service on remotehost would look like this:

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     POP3
        check_command           check_pop
        }

This service definition will monitor the POP3 service and generate alerts if the POP3 server doesn't respond within 10 seconds.

A more advanced service definition is shown below. This service will check the POP3 service and generate an alert if the server doesn't respond within 5 seconds or if the response from the server doesn't contain "mygreatmailserver.com".

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     POP3 Response Check 
        check_command           check_pop!-t 5 -e "mygreatmailserver.com"
        }

Monitoring IMAP

The check_imap plugin can be using for monitoring IMAP4 service on your email servers. The commands.cfg file contains a command definition for using the check_imap plugin, which looks like this:

 define command{
        command_name    check_imap
        command_line    $USER1$/check_imap -H $HOSTADDRESS$ $ARG1$
        }

A simple service definition for monitoring the IMAP4 service on remotehost would look like this:

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     IMAP
        check_command           check_imap
        }

This service definition will monitor the IMAP4 service and generate alerts if the IMAP server doesn't respond within 10 seconds.

A more advanced service definition is shown below. This service will check the IAMP4 service and generate an alert if the server doesn't respond within 5 seconds or if the response from the server doesn't contain "mygreatmailserver.com".

 define service{
        use                     generic-service         ; Inherit default values from a template
        host_name               remotehost
        service_description     IMAP4 Response Check 
        check_command           check_imap!-t 5 -e "mygreatmailserver.com"
        }

Restarting Icinga

Once you've added the new host and service definitions to your object configuration file(s), you're ready to start monitoring them. To do this, you'll need to verify your configuration and restart Icinga.

If the verification process produces any errors messages, fix your configuration file before continuing. Make sure that you don't (re)start Icinga until the verification process completes without any errors!