How to Install memcached in Centos 6

memcached

I was building a website of my own and was onmy testing phase when I noticed its a little bit slow. It might be because i have too many graphics loading and heavy database when doing some searching. I searched Google ways to speed up websites and i found out about memcached and found some article on how to install the said application. I tried it and I noticed a big difference on my website’s performance.

MEMCACHED DEFINITION

Memcached is a distributed, high-performance, in-memory caching system that is primarily used to speed up sites that make heavy use of databases. It can however be used to store objects of any kind. Nearly every popular CMS has a plugin or module to take advantage of memcached, and many programming languages have a memcached library, including PHP, Perl, Ruby, and Python. Memcached runs in-memory and is thus quite speedy, since it does not need

to write to disk.

Here’s how to install it on CentOS 6:

Memcached does have some dependencies that need to be in place. Install libevent using yum:

yum install libevent libevent-devel

The memcached install itself starts with

To start installing memcached, change your working directory to /usr/local/src and download the latest memcached source:

cd /usr/local/src 
wget http://memcached.googlecode.com/files/memcached-1.4.15.tar.gz

Uncompress the tarball you downloaded and change into the directory that is created:

tar xvzf memcached-1.4.15.tar.gz
cd memcached-1.4.15

Note:

Check memcached.org for a newer version before proceeding with the installation. Their might be newer version existing after the publication of this post. Please note the tarball version we are using is 1.4.15.

Next, configure your Makefile. The simplest way is to run:

./configure

Additional configure flags are available and can improve performance if your server is capable. For 64-bit OSes, you can enable memcached to utilize a larger memory allocation than is possible with 32-bit OSes:

./configure --enable-64bit

If your server has multiple CPUs or uses multi-core CPUs, enable threading:

./configure --enable-threads

If your server supports it, you can use both flags:

./configure --enable-threads --enable-64bit

n.b.: if the configure script does not run, you may have to install compiling tools on your server. That is as simple as

yum install gcc
yum install make

Once the configure script completes, build and install memcached:

make && make install

Last but not least, start a memcached server:

memcached -d -u nobody -m 512 -p 11211 127.0.0.1

Put another way, the previous command can be laid out like this:

memcached -d -u [user] -m [memory size] -p [port] [listening IP]

Let’s go over what each switch does in the above command:

-d
Tell memcached to start up as a backgrounded daemon process
-u
Specify the user that you want to run memcached
-m
Set the memory that you want to be allocated my memcached
-p
The port on which memcached will listen.

Now your site is ready for a fast run literally.

Resources:

http://memcached.org/

http://www.liquidweb.com/kb/how-to-install-memcached-on-centos-6/

20 Most used Linux-based system monitoring tools

tuxsysad

The following are some of the  basic CLI, GUI, TUI commands to use in monitoring linux operated systems and helps in in-depth system analysis and debugging of server problems. These commands commonly help resolve issues regarding CPU, Memory, Network, and Storage.

1: top – Process Activity Command

The top program provides a dynamic real-time view of a running system i.e. actual process activity. By default, it displays the most CPU-intensive tasks running on the server and updates the list every five seconds.

#top 
top

top

2: vmstat – System Activity, Hardware and System Information

The command vmstat reports information about processes, memory, paging, block IO, traps, and cpu activity.

#vmstat -a
vmstat

vmstat

3: w – Find Out Who Is Logged on And What They Are Doing

w command displays information about the users currently on the machine, and their processes.

# w testuser 
w

w

4: uptime – Tell How Long The System Has Been Running

The uptime command can be used to see how long the server has been running. The current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minutes.

# uptime
uptime

uptime

1 can be considered as optimal load value. The load can change from system to system. For a single CPU system 1 – 3 and SMP systems 6-10 load value might be acceptable.

5: ps – Displays The Processes

ps

ps

ps command will report a snapshot of the current processes. To select all processes use the -A or -e option:

# ps -A

ps is just like top but provides more information.

Show Long Format Output

# ps -Al
To turn on extra full mode (it will show command line arguments passed to process):
# ps -AlF

To See Threads ( LWP and NLWP)

# ps -AlFH

To See Threads After Processes

# ps -AlLm

Print All Process On The Server

# ps ax
# ps axu

Print A Process Tree

# ps -ejH
# ps axjf
# pstree

Print Security Information

# ps -eo euser,ruser,suser,fuser,f,comm,label
# ps axZ
# ps -eM

See Every Process Running As User testuser

# ps -U testuser -u testuser u

Set Output In a User-Defined Format

# ps -eo pid,tid,class,rtprio,ni,pri,psr,pcpu,stat,wchan:14,comm
# ps axo stat,euid,ruid,tty,tpgid,sess,pgrp,ppid,pid,pcpu,comm
# ps -eopid,tt,user,fname,tmout,f,wchan

Display Only The Process IDs of Lighttpd

# ps -C lighttpd -o pid=
OR
# pgrep lighttpd
OR
# pgrep -u testuser php-cgi

Display The Name of PID 55977

# ps -p 55977 -o comm=

Find Out The Top 10 Memory Consuming Process

# ps -auxf | sort -nr -k 4 | head -10

Find Out top 10 CPU Consuming Process

# ps -auxf | sort -nr -k 3 | head -10

6: free - Memory Usage 

The command free displays the total amount of free and used physical and swap memory in the system, as well as the buffers used by the kernel.

# free 
free

free

7: iostat – Average CPU Load, Disk Activity

The command iostat report Central Processing Unit (CPU) statistics and input/output statistics for devices, partitions and network filesystems (NFS).

# iostat 
iostat

iostat

8: sar – Collect and Report System Activity

The sar command is used to collect, report, and save system activity information. To see network counter, enter:

sar

sar

# sar -n DEV | more
To display the network counters from the 24th:
# sar -n DEV -f /var/log/sa/sa24 | more
You can also display real time usage using sar:
# sar 4 5

9: mpstat – Multiprocessor Usage

The mpstat command displays activities for each available processor, processor 0 being the first one. mpstat -P ALL to display average CPU utilization per processor:

# mpstat -P ALL
mpstat

mpstat

10: pmap – Process Memory Usage

The command pmap report memory map of a process. Use this command to find out causes of memory bottlenecks.

# pmap -d PID 

To display process memory information for pid # 47394, enter:

# pmap -d 47394 
pmap

pmap

11 netstat – Network Statistics

The command netstat displays network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

netstat

netstat

12: ss – Network Statistics

ss command is used to dump socket statistics. It allows showing information similar to netstat.

ss

ss

13: iptraf – Real-time Network Statistics

The iptraf command is interactive colorful IP LAN monitor. It is an ncurses-based IP LAN monitor that generates various network statistics including TCP info, UDP counts, ICMP and OSPF information, Ethernet load info, node stats, IP checksum errors, and others. It can provide the following info in easy to read format:

  • Network traffic statistics by TCP connection
  • IP traffic statistics by network interface
  • Network traffic statistics by protocol
  • Network traffic statistics by TCP/UDP port and by packet size
  • Network traffic statistics by Layer2 address
iptraf1

iptraf1

iptraf2

iptraf2

14: tcpdump – Detailed Network Traffic Analysis

The tcpdump is simple command that dump traffic on a network. However, you need good understanding of TCP/IP protocol to utilize this tool. For.e.g to display traffic info about DNS, enter:

 # tcpdump -i eth0 'tcp port 80'

To display all IPv4 HTTP packets to and from port 80, i.e. print only packets that contain data, not, for example, SYN and FIN packets and ACK-only packets, enter:

# tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' 

To display all FTP session to 202.54.1.5, enter:

# tcpdump -i eth1 'dst 202.54.1.5 and (port 21 or 20' 

To display all HTTP session to 192.168.1.5:

# tcpdump -ni eth0 'dst 192.168.1.5 and tcp and port http'

Use wireshark to view detailed information about files, enter:

# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80 
tcpdump

tcpdump

15: strace – System Calls

Trace system calls and signals. This is useful for debugging webserver and other server problems. See how to use to trace the process and see What it is doing.

Strace

Strace

16: /Proc file system – Various Kernel Statistics

/proc file system provides detailed information about various hardware devices and other Linux kernel information. See Linux kernel /proc documentations for further details. Common /proc examples:

# cat /proc/cpuinfo
# cat /proc/meminfo
# cat /proc/zoneinfo
# cat /proc/mounts
proc

proc

17: Nagios – Server And Network Monitoring

Nagios is a popular open source computer system and network monitoring application software. You can easily monitor all your hosts, network equipment and services. It can send alert when things go wrong and again when they get better. FAN is “Fully Automated Nagios”. FAN goals are to provide a Nagios installation including most tools provided by the Nagios Community. FAN provides a CDRom image in the standard ISO format, making it easy to easilly install a Nagios server. Added to this, a wide bunch of tools are including to the distribution, in order to improve the user experience around Nagios. See how to install Nagios

nagios

nagios

18: Cacti – Web-based Monitoring Tool

Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. It can provide data about network, CPU, memory, logged in users, Apache, DNS servers and much more. See how to install and configure Cacti network graphing tool on linux box.

cacti

cacti

19: KDE System Guard – Real-time Systems Reporting and Graphing

KSysguard is a network enabled task and system monitor application for KDE desktop. This tool can be run over ssh session. It provides lots of features such as a client/server architecture that enables monitoring of local and remote hosts. The graphical front end uses so-called sensors to retrieve the information it displays. A sensor can return simple values or more complex information like tables. For each type of information, one or more displays are provided. Displays are organized in worksheets that can be saved and loaded independently from each other. So, KSysguard is not only a simple task manager but also a very powerful tool to control large server farms.

kdesystemguard

kdesystemguard

20: Gnome System Monitor – Real-time Systems Reporting and Graphing

The System Monitor application enables you to display basic system information and monitor system processes, usage of system resources, and file systems. You can also use System Monitor to modify the behavior of your system. Although not as powerful as the KDE System Guard, it provides the basic information which may be useful for new users:

  • Displays various basic information about the computer’s hardware and software.
  • Linux Kernel version
  • GNOME version
  • Hardware
  • Installed memory
  • Processors and speeds
  • System Status
  • Currently available disk space
  • Processes
  • Memory and swap space
  • Network usage
  • File Systems
  • Lists all mounted filesystems along with basic information about each.
gnome-system-monitor

gnome-system-monitor

More Tools of interest

A few more tools:

  • nmap – scan your server for open ports.
  • lsof – list open files, network connections and much more.
  • ntop web based tool – ntop is the best tool to see network usage in a way similar to what top command does for processes i.e. it is network traffic monitoring software. You can see network status, protocol wise distribution of traffic for UDP, TCP, DNS, HTTP and other protocols.
  • Conky – Another good monitoring tool for the X Window System. It is highly configurable and is able to monitor many system variables including the status of the CPU, memory, swap space, disk storage, temperatures, processes, network interfaces, battery power, system messages, e-mail inboxes etc.
  • GKrellM – It can be used to monitor the status of CPUs, main memory, hard disks, network interfaces, local and remote mailboxes, and many other things.
  • vnstat – vnStat is a console-based network traffic monitor. It keeps a log of hourly, daily and monthly network traffic for the selected interface(s).
  • htop – htop is an enhanced version of top, the interactive process viewer, which can display the list of processes in a tree form.
  • mtr – mtr combines the functionality of the traceroute and ping programs in a single network diagnostic tool.
  • wireshark - is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. Originally named Ethereal, in May 2006 the project was renamed Wireshark due to trademark issues.
  • snort – Snort’s open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching, and content matching. The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans.
  • Centreon – Centreon is an Open Source software package that lets you supervise all the infrastructures and applications comprising your information system.

References:

http://www.cyberciti.biz/tips/top-linux-monitoring-tools.html

http://www.wireshark.org/about.html

Snort (Intrusion Detection Utility) Installation in Centos 6

snort

Definition

snort2SNORT  is a free and open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS)[2] created by Martin Roesch in 1998.Snort is now developed by Sourcefire, of which Roesch is the founder and CTO.In 2009, Snort entered InfoWorld’s Open Source Hall of Fame as one of the “greatest [pieces of] open source software of all time”.

Snort’s open source network-based intrusion detection system (NIDS) has the ability to perform real-time traffic analysis and packet logging on Internet Protocol (IP) networks. Snort performs protocol analysis, content searching, and content matching. The program can also be used to detect probes or attacks, including, but not limited to, operating system fingerprinting attempts, common gateway interface, buffer overflows, server message block probes, and stealth port scans.

Snort can be configured in three main modes: sniffer, packet logger, and network intrusion detection. In sniffer mode, the program will read network packets and display them on the console. In packet logger mode, the program will log packets to the disk. In intrusion detection mode, the program will monitor network traffic and analyze it against a rule set defined by the user. The program will then perform a specific action based on what has been identified.

Before proceeding with Snort installation you will need to install the required packages.  Follow the steps to do prior to snort’s installation.

Pre-Installation

Make sure to have the latest version of  MySQL, HTTP, Development Tools and Development Libraries.

     Install the necessary packages needed to run snort successfully.

 #yum install mysql-bench mysql-devel php-mysql gcc php-gd gd glib2-devel gcc-c++

      Yum install libcap, libpcap and pcre

#yum install libcap*
#yum install libpcap*
#yum install pcre*

      Install libdnet 1.12

#cd /
#mkdir snort_install
#cd snort_install
#wget http://libdnet.googlecode.com/files/libdnet-1.12.tgz
#tar -zxvf libdnet-1.12.tgz
#cd libdnet-1.12
#./configure
#make && make install

     Install daq version 2.0.0

#cd /snort_install
#wget http://www.snort.org/downloads/2103
#tar -zxvf daq-2.0.0.tar.gz
#cd daq-2.0.0
#./configure
#make && make install

     Install snort version 2.9.4

#cd /snort_install
#wget http://www.snort.org/downloads/2112
#tar -zxvf snort-2.9.4.tar.gz
#cd snort-2.9.4
#./configure
#make && make install

Post Installation Instruction

      prepare for rules installation

# groupadd snort
# useradd -g snort snort -s /sbin/nologin
# mkdir /etc/snort
# mkdir /etc/snort/rules
# mkdir /etc/snort/so_rules
# mkdir /etc/snort/preproc_rules
# mkdir /var/log/snort
# chown snort:snort /var/log/snort
# mkdir /usr/local/lib/snort_dynamicrules
# cd /snort_install/snort-2.9.4/etc/
# cp * /etc/snort/

      Register on Snort official web site and download rules to  /snort_install directory

#cd /snort_install
#tar -zxvf snortrules-snapshot-2940.tar.gz
#cd rules/
#cp * /etc/snort/rules
#cp ../so_rules/precompiled/Centos-5-4/i386/2.9.4.0/* /etc/snort/so_rules
#cp ../preproc_rules/* /etc/snort/preproc_rules/

     Edit /etc/snort/snort.conf file

1.change “var RULE_PATH ../rules” to “var RULE_PATH /etc/snort/rules”,
change “var SO_RULE_PATH ../so_rules” to “var SO_RULE_PATH /etc/snort/so_rules”,
change “var PREPROC_RULE_PATH ../preproc_rules” to “var PREPROC_RULE_PATH /etc/snort/preproc_rules”
2. comment on the whole “Reputation preprocessor” section, because we haven’t whitelist file
3. find “Configure output plugins” section and add the line “output unified2: filename snort.log, limit 128″

    Install Barnyard 2

#cd /snort_install
#wget http://www.securixlive.com/download/barnyard2/barnyard2-1.9.tar.gz
#tar -zxvf barnyard2-1.9.tar.gz 
#cd barnyard2-1.9
#./configure 
#./configure --with-mysql-libraries=/usr/lib/mysql/
#make 
#make install
#cp etc/barnyard2.conf /etc/snort/
#mkdir /var/log/barnyard2
#chmod 666 /var/log/barnyard2
#touch /var/log/snort/barnyard2.waldo

       Setup MySQL Database

#echo "SET PASSWORD FOR root@localhost=PASSWORD('yourpassword');"| mysql -u root -p
#echo "create database snort;"| mysql -u root -p
#cd /snort_install/barnyard2-1.9
#mysql -u root -p -D snort < schemas/create_mysql
#echo "grant create, insert on root.* to snort@localhost;" | mysql -u root -p
#echo "SET PASSWORD FOR snort@localhost=PASSWORD('yourpassword');" | mysql -u root -p
#echo "grant create,insert,select,delete,update on snort.* to snort@localhost" | mysql -u root -p

     Edit the file /etc/snort/barnyard2.conf

change “config hostname: thor” to “config hostname: localhost”

change “config interface: eth0″ to “config interface: eth1″

add the line at the end of file “output database: log, mysql, user=snort password=yourpassword dbname=snort     host=localhost”
Note: the device eth1 may vary depending on your system set-up. The example given above is a 2 network device(eth0,eth1) setup where snort was applied to the second network device(eth1)
 

      Test

#/usr/local/bin/snort -u snort -g snort -c /etc/snort/snort.conf -i eth1

    If it prompts “Initialization Complete”, it proves to work.

      or  Execute snort from command line

#snort -c /etc/snort/snort.conf -l /var/log/snort/

If testing and manual run working perfectly fine proceed with the next step

      Make Snort and Barnyard2 boot up automatically

Edit the file /etc/rc.local, add the below lines

/sbin/ifconfig eth1 up /usr/local/bin/snort -D -u snort -g snort -c /etc/snort/snort.conf -i eth1

/usr/local/bin/barnyard2 -c /etc/snort/barnyard2.conf -d /var/log/snort -f snort.log -w /var/log/snort   /barnyard2.waldo -D

Restart to test changes.

#init 6

References:

http://www.snort.org/

http://en.wikipedia.org/wiki/Snort_%28software%29

http://www.securixlive.com/

http://kezhong.wordpress.com/2012/04/07/install-snort-2-9-2-2-on-centos5-8x86_64/http://www.securixlive.com/

SVN (Subversion) Commands

subversion by apache

What is SVN (Subversion)?

Apache Subversion (often abbreviated SVN, after the command name svn) is a software versioning and revision control system distributed under an open source license. Developers use Subversion to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly compatible successor to the widely used Concurrent Versions System (CVS).

The open source community has used Subversion widely: for example in projects such as Apache Software Foundation, Free Pascal, FreeBSD, GCC, Mono and SourceForge. Google Code also provides Subversion hosting for their open source projects. BountySource systems use it exclusively. CodePlex offers access to Subversion as well as to other types of clients.

The corporate world has also started to adopt Subversion. A 2007 report by Forrester Research recognized Subversion as the sole leader in the Standalone Software Configuration Management (SCM) category and as a strong performer in the Software Configuration and Change Management (SCCM) category.[1]

Subversion was created by CollabNet Inc. in 2000 and is now a top-level Apache project being built and used by a global community of contributors.

Some of the commands frequently used related to SVN is listed below.

* Create Svn Repository

Syntax: svnadmin create <svn data directory><$repository_name>

E.g:

  $ svnadmin create /var/www/svn/repotest

-Command to create a repository using the default configuration.

$ chown apache.apache /var/www/svn/repotest 

- Command to use after creating the repository to assign ownership of the repository root directory to apache.

Or

Syntax: svnadmin create –fs-type fsfs <svn data directory><$repository_name>

  $ svnadmin create --fs-type fsfs /var/www/svn/repotest

-Command to create a repository using specifying the repository type.

$ chown apache.apache /var/www/svn/repotest 

- Command to use after creating the repository to assign ownership of the repository root directory to apache.

  * Initially input repo data to repository

$ svn import -m "Initial import." /var/www/svn/repotest/ file:///var/www/svn/myrepo

- where /var/www/svn/repotest is the root directory of the repository and file:///var/www/svn/repotest will be the online repository directory

  * list and view contents of a repo in tree view

Syntax: svnlook tree <repository absolute path>

  $ svnlook tree /var/www/svn/repotest/ 

  * View SVN Information

$ svn info

  * List down all repo

$ svn st

  * Add to svn a file or folder

$ svn add <file>

  * Create a Directory for svn

$ svn mkdir <directory>

 * Log svn

$ svn log

  *To revert to original file

$  svn revert <path>

  - revert a whole directory of files, use the --depth=infinity option:

$ svn revert --depth=infinity <path>

 

  *Delete a file or directory from svn

$ svn delete <directory>

  *Commit all changes made to file (Note: must be inside the repository path

$ svn ci -m "adding directories"

- Where ci is the commit command and -m is the parameter for the additional message and “adding directories” would be the notes included for the commit .
or

If you want to use a file that’s under version control for your commit message with --file, you need to pass the --force-log s witch:

$ svn commit --file file_under_vc.txt foo.c
svn: The log message file is under version control
svn: Log message file is a versioned file; use '--force-log' to override

$ svn commit --force-log --file file_under_vc.txt foo.c
Sending        foo.c
Transmitting file data .
Committed revision 6.

  *Checkout contents of Repository/get files and details

Syntax: svn co <repository_site> <path>

$ svn co http://svnrepo.com/svn/repos/  /var/www/svn/repotest/ 

For more commands on SVN Click here.

Happy versioning.

Installing Centreon on Centos

What is Centreon?

Centreon is an Open Source software package that lets you supervise all the infrastructures and applications comprising your information system.
please check this for more information.

Dependencies
_ nagios
_ nagios-plugins
_ ndoutils
_ nrpe
_ make
_ sudo
_ apache (httpd server)
_ mysql (database server)
_ php
_ gd
_ gd-devel
_ perl
_ gcc
_ rrdtool
_ net-snmp

Step 1: Install Dependencies

root@linux: ~ # yum -y install make sudo gd gd-devel httpd* mysql* php* perl* gcc rrdtool* net-snmp*

if you can’t install rrdtool via yum, you can follow this:

1) add rpmforge repository

root@linux: ~ # yum -y install yum-priorities

2) edit file priorities.conf

root@linux: ~ # vim /etc/yum/pluginconf.d/priorities.conf

[main]
enable=1

3) download and install rpm forge

root@linux: ~ # wget http://apt.sw.be/redhat/el5/en/i386/RPMS.dag/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
root@linux: ~ # rpm –import http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
root@linux: ~ # rpm -K rpmforge-release-0.3.6-1.el5.rf.i386.rpm
root@linux: ~ # rpm -i rpmforge-release-0.3.6-1.el5.rf.i386.rpm

4) install rrdtool using yum

root@linux: ~ # yum -y install rrdtool rrdtool-devel perl-rrdtool

to install nagios, nagios-plugins, ndoutil, nrpe, you can check this.

Step 2: Compile Centreon

1)download package

root@linux: ~ # wget http://download.centreon.com/centreon/centreon-2.0.tar.gz

2) extract package

root@linux: ~ # tar -xzvf centreon-2.0.tar.gz

3) compile centreon

root@linux: ~ # cd centreon-2.0
root@linux: centreon-2.0 # ./install.sh -i

answer all question script. you can just press return as default.
or press key y for yes or n for no.

the location of RRDs.pm config will be :

/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/RRDs.pm

the location of  PEAR.php config will be:

/usr/share/pear/PEAR.php

When done with the compilation you can check in http://yourdomain/centreon, and continue with web interface installation.

4)web interface installation
follow instruction on-screen and click Next button to continue installation. make sure those is OK result.
if there’s any problem, it’s give you declaration for help (step 4). if u get error like step 4 you can use chown and chmod for solution.

root@linux: ~ # chown -R nagios.apache /usr/local/nagios
root@linux: ~ # chmod -R 775 /usr/local/nagios


5) Test. Open your browser and goto http://yourdomain/centreon

Links:
+ http://www.google.com
+ http://tech-db.com/node/26
+ http://nagioswiki.com/wiki/index.php/Installing_Centreon_on_Centos_5

HOW TO CREATE A SELF-SIGNED CERTIFICATE

Step 1: Generating a server key needed to create the .ca and .crt files

[root@home test]# openssl genrsa -des3 -out server.key 4096
Generating RSA private key, 4096 bit long modulus
…………………………………………..++
……………………………………++
e is 65537 (0×10001)
Enter pass phrase for server.key:
Verifying – Enter pass phrase for server.key:
[root@home test]# ls
server.key

Step 2: Remove the passphrase from the key file. This is done so you do not have to type in the passphrase everytime the Apache is started. This especially useful in the event of server reboot when there is no one to manually type the passphrase. (Note: Once the passphrase is removed from the key, make sure that the file is readable only by root.)

[root@home test]# mv server.key server.key.secure
`server.key’ -> `server.key.secure’
[root@home test]# openssl rsa -in server.key.secure -out server.key
Enter pass phrase for server.key.secure:
writing RSA key
[root@home test]# ls
server.key server.key.secure

Step 3: Generate the CA file. The Certificate Authority file identifies the body that signed the certificate. The certificate validity in this example is 365 days after which, you will have to generate a new CA and CRT files again.

[root@home test]# openssl req -new -x509 -days 365 -key server.key -out server.ca
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]: PH
State or Province Name (full name) [Berkshire]:Manila
Locality Name (eg, city) [Newbury]:Manila
Organization Name (eg, company) [My Company Ltd]:ZXY Corp
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server’s hostname) []:myhomies.com.ph
Email Address []:admin@myhomies.com.ph
[root@home test]# ls
server.ca server.key server.key.secure

Step 4: Generate the CSR file. The Certificate Signing Request is the file that contains the information of the certificate file itself. Note that in the Common Name field, you will have the use the fully qualified domain name (FQDN) of the actual site where the certificate is going to be used. For example, if your secure site is https://mywork.here.com, put mywork.here.com in the Common Name field. If you don’t have FQDN, use the server’s ip address instead. If the site url and Common Name are different, users will see a pop-up box whenever they visit your site.

[root@home test]# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
—–
Country Name (2 letter code) [GB]: PH
State or Province Name (full name) [Berkshire]:Manila
Locality Name (eg, city) [Newbury]:Manila
Organization Name (eg, company) [My Company Ltd]:ZXY Corp
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server’s hostname) []:myhomies.com.ph
Email Address []:admin@myhomies.com.ph

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
[root@home test]# ls
server.ca server.csr server.key server.key.secure

Step 5: Generate the CRT file.

[root@home test]# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=PH/ST=Manila/L=Manila/O=ZXY Corp/OU=IT/CN=myhomies.com.ph/emailAddress=admin@myhomies.com.ph
Getting Private key
[root@home test]# ls
server.ca server.crt server.csr server.key server.key.secure

There you have it. You have the files that you need to create a secure http site with a self-signed certificate. All you have to do now is to install there certificates to your Apache server. Your server needs to have mod_ssl enabled to use the secure http port (443).

Step 6: Install the certificates. Just copy the files to where you want your SSL certificate to be, like /etc/httpd/conf.d/ssl.crt. The setup your ssl.conf file to point the directives to the location of your SSL files.

How to Mirror a Subversion Repository

Definition:

Subversion (SVN) is a version control system initiated in 1999 by CollabNet Inc. It is used to maintain current and historical versions of files such as source code, web pages, and documentation. Its goal is to be a mostly-compatible successor to the widely used Concurrent Versions System (CVS).

Subversion is well-known in the open source community and is used on many open source projects, including Apache Software Foundation, Free Pascal, FreeBSD, GCC, Django, Ruby, Mono, SourceForge.net, ExtJS, Tigris.org, and PHP. Google Code also provides Subversion hosting for their open source projects. BountySource systems use it exclusively. Codeplex offers access to both Subversion as well as other types of clients.

How to Mirror a Subversion Repository

* Treating the Repository as a Filesystem
* Using Svnadmin Dump and Load
* Using Svnadmin Hotcopy
* Summary
* Checking the mirror
* Mirroring
* Reference Information

Here are three ways to create a full mirror of a Subversion repository:

1. Treat the repository like any other filesystem and recursively copy it to the mirror location.
2. Use svnadmin dump and svnadmin load.
3. Use svnadmin hotcopy.

There are important differences between these three strategies.
Treating the Repository as a Filesystem

You can of course:

cp -R PATH_TO_REPOS PATH_TO_MIRROR

This is a bad idea if the repository is in use — you’re copying a moving target — so you’ll have to take down the Subversion server while making the mirror. If you’re prepared to accept this downtime, netcat, nc, combined with tar is a neat way to recursively copy a directory across a network connection using TCP/IP.

# On the destination “mirror” machine
nc -l -p 2345 | tar xv
# On the source machine
tar c PATH_TO_REPOS > /dev/tcp/DOTTED.IP.OF.MIRROR/2345

Here, 2345 has been chosen as a suitable port for the data transfer.
Using Svnadmin Dump and Load

Perhaps the most obvious way to mirror a Subversion repository is to combine svnadmin dump with svadmin load.

svnadmin dump PATH_TO_REPOS | svnadmin load PATH_TO_MIRROR

Run on its own, svnadmin dump is designed to create a portable repository dump. The resulting dumpfile can be loaded into a new Subversion repository — even if the new repository is using a different database backend, or even a different revision of Subversion. Svnadmin dump will happily run on a live repository (no need to take the server down).

In short, combining svnadmin dump with svnadmin load is probably more powerful than we need if we just want to mirror our repository to a new location. Svnadmin dump — on its own — is the best way to fully backup a repository, since the dumpfile it creates is portable (as described above). If we replicate a repository by piping svnadmin dump to svnadmin load, we lose the dumpfile in the pipeline and do far more work than we need to.

Actually, it’s the computer which does the work — we just type a command and let it run. As a rough guideline, I have worked on a repository which occupies about 10Gb on disk, contains ~50K files and maybe a hundred branches. To dump and load this repository takes about 4 hours. A recursive copy completes in a few minutes.

One more point: svnadmin dump does not dump your repository configuration files and hook scripts. If your backup strategy is based around these commands, you will need separate arrangements for backing up hook scripts and configuration files.
Using Svnadmin Hotcopy

The third option combines the best features of the previous two. Using svnadmin hotcopy doesn’t require any server downtime, completes in minutes, and replicates server configuration and hook scripts.

svnadmin hotcopy PATH_TO_REPOS PATH_TO_MIRROR

The command is disconcertingly silent — no indication of progress, no verbose option. As is usual in UNIX-world, however, no news is good news. I just ran:

du -sh PATH_TO_REPOS PATH_TO_MIRROR

to confirm the hotcopy was running and to check on its progress.
Summary
Method Server
Downtime? Replicates
Config? Speed
File Copy Yes Yes Quickest
Dump/Load No No Slowest
Hotcopy No Yes Quick
Checking the mirror

Svnadmin provides another option, svnadmin verify to check a repository. This basically iterates through all revisions in the repository by internally dumping all revisions and discarding the output — so it takes a while.

svnadmin verify PATH_TO_MIRROR

Mirroring

Software developers don’t feel secure unless their source repository is safely backed up – or at least they shouldn’t – and they are reluctant to suffer repository downtime or excessive maintenance overheads. Live Subversion repositories can be mirrored quickly and safely using a simple command. With a little extra effort, this command can be scheduled to run automatically, every week, say.

As a next step, by using the Subversion post-commit hook every check-in to the repository can instantly and incrementally be copied to the repository mirror. I’ll provide details of how to do this in my next post.
Reference Information

For more information see:

* svnadmin dump reference
* svnadmin load reference
* svnadmin hotcopy reference

How to install APC (Alternative php cache)

Definition: The Alternative PHP Cache (APC) is a free and open opcode cache for PHP. Its goal is to provide a free, open, and robust framework for caching and optimizing PHP intermediate code.

I am posting a quick step-by-step guide to install APC on servers (dedicated or VPS) with cpanel/whm working. This is for those who have a hard time installing apc.

First login as a root to your server/vps and make a directory to work with this plugin,

#mkdir /home/APC-php

#cd /home/APC-php

now here we will first download the APC with following command

#wget http://pecl.php.net/get/APC-3.0.14.tgz

you can check for the latest version

now you can use gzip and tar separately or tar -xzvf to unzip this file

#tar -xzvf APC-3.0.14.tgz

now you will have a APC-3.0.14 folder.

#cd APC-3.0.14

now you have to make php configuration files by following command

#phpize

after this use following three commands

# ./configure –enable-apc –enable-apc-mmap –with-apxs –with-php-config=/usr/bin/php-config

*if you do not know the php path then execute ( which php ) command it will display the path. on a typical cpanel vps it could be /usr/bin/php-config or /usr/local/bin/php-config but you better check it before executing the above command)

#make

#make test

#make install

NOTE: if you are using suPHP then skip –with-apxs

*one more thing, if you use

#make test

command it shows 3 tests failed then do not worry, it showed at least to me but worked with the final steps.

the (make install) command will return the apc.so module path, note down that with you as you will have to feed it in the php.ini file in the next step.

check your php.ini location by

#php -i | grep php.ini

then open it with your favorite editor. mine was at

#vi /usr/local/lib/php.ini

and go to the last line and paste the following

extension=”apc.so”

now there is a catch in it, if you have other modules installed and their extension directory is different than the one MAKE INSTALL showed for APC so you have to move your apc.so to that directory so that all modules are in the same directory. in my case my APC directory was

/usr/lib/php/extensions/no-debug-non-zts-20060613/

but i moved apc.so from this location to my other location where my other extensions.so files were.

you can check that path in php.ini sectiion of

extension_dir = “”

after this restart your apache, for different servers it may vary mine worked with

#service httpd restart

CentOS 5.2 ModSecurity Installation

CentOS 5.2 ModSecurity Installation

While this guide is CentOS specific, it contains enough detail to be adaptable to most other distributions.

Definition:
ModSecurity is essentially a firewall for Apache, it checks all traffic against a set of rules which detect and prevent potentially malicious activity. There are three parts to this ModSec installation.

1. ModSecurity
2. mlogc
3. ModSecurity Console

Modsecurity is the ‘firewall’, mlogc is responsible for sending logs to the management console.

The console can be downloaded from https://bsn.breach.com, I used the Windows version for simplicity. Each console installation can support multiple sensors (ModSec installations), so it provides centralised monitoring. The console installation isn’t covered here, theres nothing to it – download, install, create sensors – done. Just make sure to install a valid license (free ones which support upto 3 sensors are currently available from https://bsn.breach.com)

Versions used:

Apache: 2.2.3
ModSecurity: 2.5.7

Install Dependencies:

yum install httpd-devel libxml2 libxml2-devel curl-devel pcre-devel gcc-c++

note: curl-devel is only required for mlogc

Download and Installation

wget http://www.modsecurity.org/download/modsecurity-apache_2.5.7.tar.gz

or, get the latest from http://www.modsecurity.org/download/direct.html

Stop Apache

service httpd stop

Untar it and install:

tar -xvzf modsecurity-apache_2.5.7.tar.gz

cd modsecurity-apache_2.5.7/apache2/

./configure
make
make mlogc
make install

Configuration

Configure mlogc:

Copy the binary from mlogc-src/ to /usr/local/bin/

cp mlogc-src/mlogc /usr/local/bin/

Copy the default config to /etc/

cp mlogc-src/mlogc-default.conf /etc/mlogc.conf

Edit the configuration file: /etc/mlogc.conf:

Change the following:

#URL TO CONSSOLE LOG RECEIVER
ConsoleURI https://CONSOLE_IP_ADDRESS:8886/rpc/auditLogReceiver

#SENSOR CREDENTIALS
SensorUsername “SENSOR_USERNAME”
SensorPassword “SENSOR_PASSWORD”

The above values need to reflect the Console installation and sensor configuration, also ensure the port is correct, it should be either 8886 or 8888. Save and exit

Configure ModSecurity:

Edit httpd.conf and add the following

# ModSecurity

Include conf/modsecurity/*.conf
LoadFile /usr/lib/libxml2.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule security2_module modules/mod_security2.so

Still in the httpd.conf, go down to the main server configuration section and add:

# ModSecurity Configuration

# Turn the filtering engine On or Off
SecFilterEngine On

# Make sure that URL encoding is valid
SecFilterCheckURLEncoding On

# Unicode encoding check
SecFilterCheckUnicodeEncoding Off

# Only allow bytes from this range
SecFilterForceByteRange 0 255

# Only log suspicious requests
SecAuditEngine RelevantOnly

# Debug level set to a minimum
SecFilterDebugLog logs/modsec_debug_log
SecFilterDebugLevel 0

# Should mod_security inspect POST payloads
SecFilterScanPOST On

# By default log and deny suspicious requests
# with HTTP status 500
SecFilterDefaultAction “deny,log,status:500″

# Use ReleventOnly auditing
SecAuditEngine RelevantOnly

# Must use concurrent logging
SecAuditLogType Concurrent

# Send all audit log parts
SecAuditLogParts ABIDEFGHZ

# Use the same /CollectorRoot/LogStorageDir as in mlogc.conf
SecAuditLogStorageDir /var/log/mlogc/data

# Pipe audit log to mlogc with your configuration
SecAuditLog “|/usr/local/bin/mlogc /etc/mlogc.conf”

Save and Exit.

Copy rules to Apache directory

mkdir /etc/httpd/conf/modsecurity

from the rules direcotry:

cp *.conf /etc/httpd/conf/modsecurity

make necessary changes to modsecurity_crs_10_config.conf (mainly the logging section – use values from httpd.conf)

# Log files structure

SecAuditLogType Concurrent
SecAuditLog “|/usr/local/bin/mlogc /etc/mlogc.conf”
SecAuditLogStorageDir /var/log/mlogc/data

SecAuditLogParts “ABIDEFGHZ”

Create mlogc logs direcotry and configure permissions

mkdir /var/log/mlogc
mkdir /var/log/mlogc/data

chown :apache /var/log/mlogc
chown :apache /var/log/mlogc/data

chmod g+w /var/log/mlogc
chmod g+w /var/log/mlogc/data

Restart Apache

service httpd start

Confirm ModSecurity is running:

tail /var/log/httpd/error_log

[Wed Oct 22 21:37:45 2008] [notice] ModSecurity for Apache/2.5.7 (http://www.modsecurity.org/) configured.
[Wed Oct 22 21:37:45 2008] [notice] Digest: generating secret for digest authentication …
[Wed Oct 22 21:37:45 2008] [notice] Digest: done
[Wed Oct 22 21:37:46 2008] [notice] Apache/2.2.3 (CentOS) configured — resuming normal operations

Done! Generate some suspicous traffic (ie. run an nmap scan against port 80) and check the console for alerts.

Files to check if things don’t work:

/var/log/httpd/error_log
/var/log/mlogc/mlogc-error.log
/var/log/messages

Nagios Installation

Definition:

Nagios (pronounced /ˈnɑːdʒioʊs/) is a popular open source computer system and network monitoring software application. It watches hosts and services, alerting users when things go wrong and again when they get better.

Nagios, originally created under the name NetSaint, was written and is currently maintained by Ethan Galstad, along with a group of developers actively maintaining both official and unofficial plugins. N.A.G.I.O.S. is a recursive acronym: “Nagios Ain’t Gonna Insist On Sainthood”[3], “Sainthood” being a reference to the original name of the software, which was changed in response to a legal challenge by owners of a similar trademark.

Nagios was originally designed to run under Linux, but also runs well on other Unix variants. It is free software, licensed under the terms of the GNU General Public License version 2 as published by the Free Software Foundation.

STEP OF INSTALLATION OF NAGIOS(SERVER)
1) Create Account Information
Become the root user.
su -l
Create a new nagios user account and give it a password.

/usr/sbin/useradd -m nagios
passwd nagios

Create a new nagcmd group for allowing external commands to be submitted through the web interface.
Add both the nagios user and the apache user to the group.
/usr/sbin/groupadd nagcmd
/usr/sbin/usermod -a -G nagcmd nagios
/usr/sbin/usermod -a -G nagcmd apache

2) Download Nagios and the Plugins
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads
Download the source code tarballs of both Nagios and the Nagios plugins (visit
http://www.nagios.org/download/ for links to the latest versions). These directions were tested with
Nagios 3.1.1 and Nagios Plugins 1.4.11.

wget http://prdownloads.sourceforge.net/sourceforge/nagios/nagios-3.2.0.tar.gz
wget http://prdownloads.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.11.tar.gz

3) Compile and Install Nagios
Extract the Nagios source code tarball.
cd ~/downloads
tar xzf nagios-3.2.0.tar.gz
cd nagios-3.2.0
Run the Nagios configure script, passing the name of the group you created earlier like so:
./configure –with-command-group=nagcmd
Compile the Nagios source code.
make all
Install binaries, init script, sample config files and set permissions on the external command directory.
make install
make install-init
make install-config
make install-commandmode

4) Customize Configuration
Sample configuration files have now been installed in the /usr/local/nagios/etc directory. These sample
files should work fine for getting started with Nagios. You’ll need to make just one change before you
proceed…
Edit the /usr/local/nagios/etc/objects/contacts.cfg config file with your favorite editor and change the email
address associated with the nagiosadmin contact definition to the address you’d like to use for receiving
alerts.
vi /usr/local/nagios/etc/objects/contacts.cfg

5) Configure the Web Interface
Install the Nagios web config file in the Apache conf.d directory.
make install-webconf
Create a nagiosadmin account for logging into the Nagios web interface. Remember the password you
assign to this account – you’ll need it later.
htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin
Restart Apache to make the new settings take effect.
service httpd restart

6) Compile and Install the Nagios Plugins
Extract the Nagios plugins source code tarball.
cd ~/downloads
tar xzf nagios-plugins-1.4.11.tar.gz
cd nagios-plugins-1.4.11
Compile and install the plugins.
./configure –with-nagios-user=nagios –with-nagios-group=nagios
make
make install

7) Start Nagios
Add Nagios to the list of system services and have it automatically start when the system boots.
chkconfig –add nagios
chkconfig nagios on
Verify the sample Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If there are no errors, start Nagios.
service nagios start

8) Modify SELinux Settings
Fedora ships with SELinux (Security Enhanced Linux) installed and in Enforcing mode by default. This
can result in “Internal Server Error” messages when you attempt to access the Nagios CGIs.
See if SELinux is in Enforcing mode.
getenforce
Put SELinux into Permissive mode.
setenforce 0
To make this change permanent, you’ll have to modify the settings in /etc/selinux/config and reboot.
Instead of disabling SELinux or setting it to permissive mode, you can use the following command to
run the CGIs under SELinux enforcing/targeted mode:
chcon -R -t httpd_sys_content_t /usr/local/nagios/sbin/
chcon -R -t httpd_sys_content_t /usr/local/nagios/share/

9.) Access the monitoring system through your url

http://localhost/nagios

10. Install NRPE
Monitoring Host Setup
On the monitoring host (the machine that runs Nagios), you’ll need to do just a few things:
– Install the check_nrpe plugin
– Create a Nagios command definition for using the check_nrpe plugin
– Create Nagios host and service definitions for monitoring the remote host
These instructions assume that you have already installed Nagios on this machine according to the quickstart
installation guide. The configuration examples that are given reference templates that are defined in the sample
localhost.cfg and commands.cfg files that get installed if you follow the quickstart.
i. Install the check_nrpe plugin
Become the root user. You may have to use sudo -s on Ubuntu and other distros.
su -l
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads
Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest
versions). At the time of writing, the latest version of NRPE was 2.8.
wget http://osdn.dl.sourceforge.net/sourceforge/nagios/nrpe-2.8.tar.gz
Extract the NRPE source code tarball.
tar xzf nrpe-2.8.tar.gz
cd nrpe-2.8
Compile the NRPE addon.
./configure
make all
Install the NRPE plugin.
make install-plugin
Last Updated: May 1, 2007 Page 9 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
ii. Test communication with the NRPE daemon
Make sure the check_nrpe plugin can talk to the NRPE daemon on the remote host. Replace “192.168.0.1″ in the
command below with the IP address of the remote host that has NRPE installed.
/usr/local/nagios/libexec/check_nrpe -H 192.168.0.1
You should get a string back that tells you what version of NRPE is installed on the remote host, like this:
NRPE v2.8
If the plugin returns a timeout error, check the following:
– Make sure there isn’t a firewall between the remote host and the monitoring server that is blocking
communication
– Make sure that the NRPE daemon is installed properly under xinetd
– Make sure the remote host doesn’t have local (iptables) firewall rules that prevent the monitoring server from
talking to the NRPE daemon
iii. Create a command definition
You’ll need to create a command definition in one of your Nagios object configuration files in order to use the
check_nrpe plugin. Open the sample commands.cfg file for editing…
vi /usr/local/nagios/etc/commands.cfg
and add the following definition to the file:
define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
You are now ready to start adding services that should be monitored on the remote machine to the Nagios
configuration…
Last Updated: May 1, 2007 Page 10 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
iv. Create host and service definitions
You’ll need to create some object definitions in order to monitor the remote Linux/Unix machine. These definitions
can be placed in their own file or added to an already exiting object configuration file.
First, its best practice to create a new template for each different type of host you’ll be monitoring. Let’s create a
new template for linux boxes.
define host{
name linux-box ; Name of this template
use generic-host ; Inherit default values
check_period 24×7
check_interval 5
retry_interval 1
max_check_attempts 10
check_command check-host-alive
notification_period 24×7
notification_interval 30
notification_options d,r
contact_groups admins
register 0 ; DONT REGISTER THIS – ITS A TEMPLATE
}
Notice that the linux-box template definition is inheriting default values from the generic-host template, which is
defined in the sample localhost.cfg file that gets installed when you follow the Nagios quickstart installation guide.
Next, define a new host for the remote Linux/Unix box that references the newly created linux-box host template.
define host{
use linux-box ; Inherit default values from a template
host_name remotehost ; The name we’re giving to this server
alias Fedora Core 6 ; A longer name for the server
address 192.168.0.1 ; IP address of the server
}
Next, define some services for monitoring the remote Linux/Unix box. These example service definitions will use
the sample commands that have been defined in the nrpe.cfg file on the remote host.
The following service will monitor the CPU load on the remote host. The “check_load” argument that is passed to
the check_nrpe command definition tells the NRPE daemon to run the “check_load” command as defined in the
nrpe.cfg file.
define service{
use generic-service
host_name remotehost
service_description CPU Load
check_command check_nrpe!check_load
}
The following service will monitor the the number of currently logged in users on the remote host.
define service{
use generic-service
host_name remotehost
service_description Current Users
check_command check_nrpe!check_users
}
The following service will monitor the free drive space on /dev/hda1 on the remote host.
define service{
use generic-service
host_name remotehost
service_description /dev/hda1 Free Space
check_command check_nrpe!check_hda1
}
Last Updated: May 1, 2007 Page 11 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
The following service will monitor the total number of processes on the remote host.
define service{
use generic-service
host_name remotehost
service_description Total Processes
check_command check_nrpe!check_total_procs
}
The following service will monitor the number of zombie processes on the remote host.
define service{
use generic-service
host_name remotehost
service_description Zombie Processes
check_command check_nrpe!check_zombie_procs
}
Those are the basic service definitions for monitoring the remote host. If you would like to add additional services
to be monitored, read the “Customizing Your Configuration” section starting on page 13.
v. Restart Nagios
At this point you’ve installed the check_nrpe plugin and addon host and service definitions for monitoring the
remote Linux/Unix machine. Now its time to make those changes live…
Verify your Nagios configuration files.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
If there are errors, fix them. If everything is fine, restart Nagios.
service nagios restart
That’s it! You should see the host and service definitions you created in the Nagios web interface. In a few
minutes Nagios should have the current status information for the remote Linux/Unix machine.
Since you might want to monitor more services on the remote machine, I would suggest you read the next section
as well. :-)
Also, when it comes time to upgrade the version of NRPE you’re running, its pretty easy to do. The initial
installation was the toughest, but upgrading is a snap.

Actual Steps made on the server(volt):
1. Edited the commands.cfg file under the directory /usr/local/nagios/etc/objects to add

e.g
#######Me’s additional commands#######
#check nrpe setup

define command{
command_name    check_nrpe_disk
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_load
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_swap
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_zombie_procs
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

define command{
command_name    check_nrpe_total_procs
command_line    $USER1$/check_nrpe -H $HOSTADDRESS$ -p $ARG1$ -c $ARG2$
}

2. Create cfg files under the directory /usr/local/nagios/etc/objects

CLIENT INSTALLATION
c) Remote Host Setup
These instructions should be completed on the remote Linux/Unix host that the NRPE daemon will be installed on.
You’ll be installing the Nagios plugins and the NRPE daemon…
i. Create Account Information
Become the root user. You may have to use sudo -s on Ubuntu and other distros.
su -l
Create a new nagios user account and give it a password.
/usr/sbin/useradd nagios
passwd nagios
ii. Install the Nagios Plugins
Create a directory for storing the downloads.
mkdir ~/downloads
cd ~/downloads
Download the source code tarball of the Nagios plugins (visit http://www.nagios.org/download/ for links to the latest
versions). At the time of writing, the latest stable version of the Nagios plugins was 1.4.6.
wget http://osdn.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.6.tar.gz
Extract the Nagios plugins source code tarball.
tar xzf nagios-plugins-1.4.6.tar.gz
cd nagios-plugins-1.4.6
Compile and install the plugins.
./configure
make
make install
The permissions on the plugin directory and the plugins will need to be fixed at this point, so run the following
commands.
chown nagios.nagios /usr/local/nagios
chown -R nagios.nagios /usr/local/nagios/libexec
iii. Install xinetd
Fedora Core 6 doesn’t ship with xinetd installed by default, so install it with the following command:
yum install xinetd
Last Updated: May 1, 2007 Page 5 of 18 Copyright (c) 1999-2007 Ethan Galstad
NRPE Documentation
iv. Install the NRPE daemon
Download the source code tarball of the NRPE addon (visit http://www.nagios.org/download/ for links to the latest
versions). At the time of writing, the latest version of NRPE was 2.8.
cd ~/downloads
wget http://osdn.dl.sourceforge.net/sourceforge/nagios/nrpe-2.8.tar.gz
Extract the NRPE source code tarball.
tar xzf nrpe-2.8.tar.gz
cd nrpe-2.8
Compile the NRPE addon.
./configure
make all
Install the NRPE plugin (for testing), daemon, and sample daemon config file.
make install-plugin
make install-daemon
make install-daemon-config
Install the NRPE daemon as a service under xinetd.
make install-xinetd
Edit the /etc/xinetd.d/nrpe file and add the IP address of the monitoring server to the only_from directive.
only_from = 127.0.0.1
Add the following entry for the NRPE daemon to the /etc/services file.
nrpe 5666/tcp # NRPE
Restart the xinetd service.
service xinetd restart

Related: http://en.wikipedia.org/wiki/Nagios