Using Nagios With RKhunter

Question

I have installed rkhunter and would like the rootkit checks to be done automatically with alerts. How would i go about integrating RKhunter with nagios? One scenario would be if a root kit is found, i would receive a critical alert on nagios else the state is OK. I also notice that there is this script related to rkhunter, but have no idea how to use it. Any help would be appreciated. Thanks !

ps : i am able to do less complicated configurations and coding. other than that i need some guidance.

When i run the ./check_rootkit plugin, i get this error ./check_rootkit: line 25: ./utils.sh: No such file or directory — Anonymous, Nov 05 '12 at 08:56
You need to run it in the directory where all of your other nagios plugins are. — Keith, Nov 05 '12 at 16:43
Running it in /usr/local/nagios/libexec I get the following output : WARNING - rkhunter returned state 1 What does it mean? — Anonymous, Nov 06 '12 at 01:08

score 1 · Accepted Answer · answered Nov 06 '12 at 02:20

1

After some trial and error, i gave up on rkhunter and move to check_chkrootkit. Also available on nagios exchange. http://exchange.nagios.org/directory/Plugins/Operating-Systems/Linux/check_chkrootkit/details

answered Nov 06 '12 at 02:20

Anonymous

74
6

Using Nagios With RKhunter

1 Answers1