Why we need Continuous Monitoring :

• In a large scale distributed applications we never know what kind issue we may ran into .
• some of them are :
• Failure in CI/CD pipeline .
• Static code analysis .
• Application side issue .
• Infrastructure side issue .

And in big organizations server health and application Security can not be compromised at any cost .

What is continuous monitoring :

Continuous monitoring is a phase in our application development lifecycle which make sure that our application is getting continuously monitored and debugged if any issue .

Phases of continuous monitoring :

1. Define
2. Establish
3. Implement
4. Analyze
5. Respond
6. Review and Update

What is Nagios :

Nagios monitors your entire IT lifecycle to ensures systems, applications , services and business process are functioning properly .

Features of Nagios :

• Using a master slave architecture .
• Easy to write plugins .
• Good web interface for visualization purpose .
• Automate the e-mail sending in case of any network failure .

Architecture of Nagios :

How install Nagios (Ubuntu):

$ sudo apt update

$ sudo apt install build-essentials libgd-dev openssl libssl-dev unzip apache2 gcc

• Nagios user and group are used to run Nagios process

$ sudo useradd nagios

$ sudo groupadd nagcmd

$ sudo usermod -a -G nagcmd nagios

$ wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.6.tar.gz

$ tar xpf nagios-*.tar.gz

$ cd nagios-4.4.6

$ ./configure --with-nagios-group=nagios --with-command-group=nagcmd

• You can see the configuration using the configure command :

• Now we have to build the project using the make command and then install it :
  

$ make -j4 all

$ sudo make install

• Now run these commands to install Nagios sample files, binary files and it's sample config files .

sudo make install
sudo make install-daemoninit
sudo make install-commandmode
sudo make install-config

• We are using apache to serve Nagios web interface .

$ sudo make install-webconf

• Enable the Apache rewrite and cgi modules with the a2enmod command:

$ sudo a2enmod rewrite

$ sudo a2enmod cgi

• In order to execute commands via the web interface to Nagios add the web server user, www-data, to the nagios group:

$sudo usermod -a -G nagios www-data

• Next we have to create a username and password for our user which can enable our user to login to the web interface .

$ sudo apt install htpasswd

$ sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

Enter Your Password :

Warning: If you create a user with a name other than nagiosadmin
you will need to edit /usr/local/nagios/etc/cgi.cfg 
and change all the nagiosadmin references to the user you created.

• Restart the Apache server

$ sudo systemctl restart apache2

Installing the Nagios plugin :

$ cd ~
$ http://www.nagios-plugins.org/download/nagios-plugins-2.3.3.tar.gz
$ tar zxf nagios-plugins-2.2.1.tar.gz
$ cd nagios-plugins-2.2.1

*configure their installation 
$ ./configure

* Now build and install the plugin

$ make
$ sudo make install

Now we need to install check_nrpe plugin to monitor the remote plugins :

cd ~
curl -L -O https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-3.2.1/nrpe-3.2.1.tar.gz
tar zxf nrpe-3.2.1.tar.gz
cd nrpe-3.2.1
./configure

• Now build and install check_nrpe :

make check_nrpe
sudo make install-plugin

Configure Nagios :

• Navigate to the Nagios configuration file

$sudo nano /usr/local/nagios/etc/nagios.cfg

• Add this line to the config file

...
#cfg_dir=/usr/local/nagios/etc/servers
...

• Uncomment this line

cfg_dir=/usr/local/nagios/etc/servers

• Now we have to create a directory so that we can store our configuration file for each server .

$sudo mkdir /usr/local/nagios/etc/servers

open the Nagios contact file :

$ sudo nano /usr/local/nagios/etc/objects/contacts.cfg

Find the email directive and replace it with yours

...
define contact{
        contact_name                    nagiosadmin             ; Short name of user
        use                             generic-contact         ; Inherit default values from generic-contact template (defined above)
        alias                           Nagios Admin            ; Full name of user
        email                           your_email@your_domain.com        ; <<***** CHANGE THIS TO YOUR EMAIL ADDRESS ******
...

• Navigate to the directory and add a new command which is for defining check_nrpe command .

$ sudo nano /usr/local/nagios/etc/objects/commands.cfg

...
define command{
        command_name check_nrpe
        command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

This defines the name and specifies the command-line options to execute the plugin.

$ sudo systemctl start nagios

Access the Nagios web interface :

http://nagios_server_public_ip/nagios

Enter the login credentials .

Monitoring :

ssh into the server you want to monitor.

$ ssh ubuntu@server_ip

$ sudo useradd nagios

cd ~
curl -L -O https://nagios-plugins.org/download/nagios-plugins-2.2.1.tar.gz

tar zxf nagios-plugins-2.2.1.tar.gz
cd nagios-plugins-2.2.1

then configure and build it

$ ./configure

$ make

$ sudo make install

• Install nrpe daemon find the latest url at github pages:

cd ~
curl -L -O https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.0/nrpe-4.0.0.tar.gz

tar zxf nrpe-4.0.0.tar.gz
cd nrpe-4.0.0

$ ./configure

• Now build and install NRPE and its startup script with these commands:

make nrpe
sudo make install-daemon
sudo make install-config
sudo make install-init

$ sudo nano /usr/local/nagios/etc/nrpe.cfg

• server_address: Set to the private IP address of the monitored server.
• allowed_hosts: Add the private IP address of your Nagios server to the comma-delimited list.
• command[check_hda1]: Change /dev/hda1 to whatever your root filesystem is called.

...
server_address=second_ubuntu_server_private_ip
...
allowed_hosts=127.0.0.1,::1,your_nagios_server_private_ip
...
command[check_vda1]=/usr/local/nagios/libexec/check_disk -w 20% -c 10% -p /dev/vda1
...

$ sudo systemctl start nrpe.service

$ sudo ufw allow 5666/tcp

• Now you can check the communication with the remote NRPE server. Run the following command on the Nagios server:

$ /usr/local/nagios/libexec/check_nrpe -H second_ubuntu_server_ip

• On your Nagios server, create a new configuration file for each of the remote hosts that you want to monitor in /usr/local/nagios/etc/servers/. Replace the highlighted word, monitored_server_host_name with the name of your host:

$ sudo nano /usr/local/nagios/etc/servers/your_monitored_server_host_name.cfg

• Add the following host definition, replacing the host_name value with your remote hostname, the alias value with a description of the host, and the address value with the private IP address of the remote host:

define host {
        use                             linux-server
        host_name                       your_monitored_server_host_name
        alias                           My client server
        address                         your_monitored_server_private_ip
        max_check_attempts              5
        check_period                    24x7
        notification_interval           30
        notification_period             24x7
}

• Add some sevices
• First, add this block to monitor load average:

define service {
        use                             generic-service
        host_name                       your_monitored_server_host_name
        service_description             Load average
        check_command                   check_nrpe!check_load
}

• Next, add this block to monitor disk usage:

define service {
        use                             generic-service
        host_name                       your_monitored_server_host_name
        service_description             /dev/vda1 free space
        check_command                   check_nrpe!check_vda1
}

Now restart and navigate to the web interface :

$ sudo systemctl restart nagios

Thanks for reading 🤖🤖🤖