-2

I have my nagios core installed in an local machine(linux 16.04), which is perfectly monitoring my local remote machines. But i want to monitor an AWS instance (linux machine) using the same local machine which i'm using to monitor the other local remote machine via nrpe plugin. But the problem with the same is that a connection can't be established between the server and the instance as each time I run the ./check_nrpe command i get this output : "CHECK_NRPE STATE CRITICAL: Socket timeout after 10 seconds."

Please put some light on the same. Any kind of help will be appreciated.

Maniraj
  • 101
  • 4

1 Answers1

1

check_nrpe usually connects to the nrpe process on the server on port 5666 or using xinetd on port 2098, so you would need to open whichever port you are using in your AWS security groups. If you can only allow access from your home IP that would improve security a little. Also check that nrpe is listening on 0.0.0.0 or the internal IP of the instance rather that 127.0.0.1.

Simon Greenwood
  • 1,343
  • 9
  • 12
  • i'm using the port **5666** and it is open in the AWS security group. I checked the nrpe on 0.0.0.0 and on the internal ip and it is listening on both of them. But my problem is still not solved – Maniraj Feb 12 '18 at 09:29
  • Outbound port on your local router or ISP? Try telnetting to port 5666 on the instance to see if you get a response - I assume you are connecting to the external address of the instance. You can also try running `check_nrpe` on the instance to make sure it has the right permissions. – Simon Greenwood Feb 12 '18 at 09:48
  • can you please be more specific, as i'm not getting things quite well :( – Maniraj Feb 12 '18 at 09:57
  • Can you connect to `nrpe` on your instance using `telnet (external IP) 5666`? You may have to install `telnet` on your local machine with `apt install telnet`. It is possible that port 5666 isn't open outwards on your local router or through your ISP as well, so check that. – Simon Greenwood Feb 12 '18 at 10:03
  • just checked the telnet, found that when i ran the command **telnet 5666** i got the output **Connected to xx.xx.xx.xx. Escape character is '^]'. Connection closed by foreign host.** – Maniraj Feb 12 '18 at 10:33
  • That's working then, so my guess would be that the response is coming from something that you are monitoring - I don't think nrpe uses a socket by default so it may be a permissions issue from something you are monitoring - mysql would immediately come to mind. – Simon Greenwood Feb 12 '18 at 11:34
  • What to do? Please help @simon – Maniraj Feb 12 '18 at 11:41
  • nrpe does log, or can be configured to log on the server so you may be able to see errors there. I can't really help much further than that. – Simon Greenwood Feb 12 '18 at 12:02