Install Nagios Server.

Also Install basic plugins to monitor Nagios Server itself.

# install from EPEL

[root@dlp ~]# 
dnf --enablerepo=epel -y install nagios nagios-plugins-{ping,disk,users,procs,load,swap,ssh,h
[5] Configure Nagios.
[root@dlp ~]# 
vi /etc/httpd/conf.d/nagios.conf
# line 16-17 : change access permission if you need ( also change line 47-48 )

#
Require all granted
#Require host 127.0.0.1
Require ip 127.0.0.1 10.0.0.0/24
# add nagios admin user

[root@dlp ~]# 
htpasswd /etc/nagios/passwd nagiosadmin

New password:     
# set any password

Re-type new password:

Adding password for user nagiosadmin
[root@dlp ~]# 
systemctl enable --now nagios

[root@dlp ~]# 
systemctl restart httpd

[6] If SELinux is enabled , change policy.

# install from EPEL

[root@dlp ~]# 
dnf --enablerepo=epel -y install nagios-selinux
[root@dlp ~]# 
vi nagios-php.te
# create new

module nagios-php 1.0;

require {
 type httpd_t;
type nagios_spool_t;
type ping_exec_t;
type nagios_unconfined_plugin_t;
class file { execute execute_no_trans map getattr open read };
class process setcap;
class icmp_socket { create getopt setopt };
class udp_socket { connect create getattr };
}

#============= nagios_unconfined_plugin_t ==============

allow nagios_unconfined_plugin_t ping_exec_t:file { execute execute_no_trans open read };
allow nagios_unconfined_plugin_t ping_exec_t:file map;
allow nagios_unconfined_plugin_t self:icmp_socket { create getopt setopt };
allow nagios_unconfined_plugin_t self:process setcap;
allow nagios_unconfined_plugin_t self:udp_socket { connect create getattr };

#============= httpd_t ==============

allow httpd_t nagios_spool_t:file { getattr open read };

[root@dlp ~]# 
checkmodule -m -M -o nagios-php.mod nagios-php.te

[root@dlp ~]# 
semodule_package --outfile nagios-php.pp --module nagios-php.mod

[root@dlp ~]# 
semodule -i nagios-php.pp

[7] If Firewalld is running , allow HTTP service.

[root@dlp ~]# 
firewall-cmd --add-service={http,https}

success
[root@dlp ~]# 
firewall-cmd --runtime-to-permanent

success
[8] Access to [http://(Nagios server's hostname or IP address)/nagios/] from a client which is in the
by Nagios server and authenticate to login with the Nagios administration user [nagiosadmin] yo
[9] After successing authentication, Nagios admin site is displayed.
[10] It's possible to see system status to click [Tactical Overview] and so on.
 Notification Setting
  This is the Email Notification Settings section.
It is enabled on some items by default but if you change it, configure like follows.
[1] Install and start SMTP Server, refer to here .
[2] Set notification recipients. And aldo Nagios sends notifications with [mail] command, so install i
[root@dlp ~]# 
dnf -y install s-nail
[root@dlp ~]# 
vi /etc/nagios/objects/contacts.cfg
# line 32 : set recipient email address

email 
root@localhost
[root@dlp ~]# 
systemctl restart nagios

[3] It's possible to change notification setting on Nagios admin site.

Login to it and click [Services] link, then services list is displayed. The icons which are displayed
name are just the one which notification is disabled.
(HTTP and SSH corresponds to the example below)
To enable notification on a service, click service name first.
[4] Click [Enable notifications for this service].
[5] Click [Commit] button.
[6] That's OK all.
[7] If notification is enabled and a service has some troubles, the notification like follows are sent t
you set.
Date: Wed, 10 Aug 2022 13:04:47 +0900
To: root@localhost
Subject: ** PROBLEM Service Alert: localhost/SSH is CRITICAL **
Message-Id: <20220810040447.82C44207CDC4@dlp.srv.world<
From: nagios@dlp.srv.world

***** Nagios *****

Notification Type: PROBLEM

Service: SSH
Host: localhost
Address: 127.0.0.1
State: CRITICAL
Date/Time: Wed Aug 10 13:04:47 JST 2022

Additional Info:

connect to address 127.0.0.1 and port 22: Connection refused

Set Thresholds

[1] The thresholds are set in configuration file by default. For example, the item for monitoring disk
partition is set like follows.
[root@dlp ~]# 
vi /etc/nagios/objects/localhost.cfg
.....
.....
# Define a service to check the disk space of the root partition
# on the local machine. Warning if < 20% free, critical if
# < 10% free space on partition.

# the thresholds are set as Warning if > 20% free, critical if 10% > 10% free
# change these values if you'd like to change them

define service {

use local-service ; Name of service template to use

host_name localhost
service_description Root Partition
check_command check_local_disk!20%!10%!/
}
.....
.....

[root@dlp ~]# 
systemctl restart nagios

[2] For the case you add a new plugin and configure it, set like follows.
(example below is for [check_ntp_time] plugin)
[root@dlp ~]# 
dnf --enablerepo=epel -y install nagios-plugins-ntp
# display options for a plugin to confirm usage

[root@dlp ~]# 
/usr/lib64/nagios/plugins/check_ntp_time -h
.....
.....

-w, --warning=THRESHOLD
Offset to result in warning status (seconds)
-c, --critical=THRESHOLD
Offset to result in critical status (seconds)

.....
.....

# add definition of command for a plugin with thresholds' options

[root@dlp ~]# 
vi /etc/nagios/objects/commands.cfg
# add to the end

define command {
command_name check_ntp_time
command_line $USER1$/check_ntp_time -H $ARG1$ -w $ARG2$ -c $ARG3$
}

# add definition of service with thresholds' values

[root@dlp ~]# 
vi /etc/nagios/objects/localhost.cfg
# add to the end
# Warning with 1 sec time difference, Critical with 2 sec difference

define service {
use local-service
host_name localhost
service_description NTP_TIME
check_command check_ntp_time!ntp.nict.jp!1!2
notifications_enabled 1
}

[root@dlp ~]# 
systemctl restart nagios

[3] The notification is sent if a system value is over the threshold.

Date: Wed, 10 Aug 2022 13:18:18 +0900
To: root@localhost
Subject: ** PROBLEM Service Alert: localhost/NTP_TIME is CRITICAL **
Message-Id: <20220810041818.19C18207CDC4@dlp.srv.world<
From: nagios@dlp.srv.world
***** Nagios *****

Notification Type: PROBLEM

Service: NTP_TIME
Host: localhost
Address: 127.0.0.1
State: CRITICAL

Date/Time: Wed Aug 10 13:18:18 JST 2022

Additional Info:

NTP CRITICAL: Offset 112.1195108 secs, stratum best:0 worst:1

Add Monitoring Target Item

[1] Many plugins are provided with RPM packages like follows.
# use EPEL repo

[root@dlp ~]# 
dnf --enablerepo=epel search nagios-plugins-

nagios-plugins-all.x86_64 : Nagios Plugins - All plugins

nagios-plugins-apt.x86_64 : Nagios Plugin - check_apt
nagios-plugins-breeze.x86_64 : Nagios Plugin - check_breeze
nagios-plugins-by_ssh.x86_64 : Nagios Plugin - check_by_ssh
nagios-plugins-cluster.x86_64 : Nagios Plugin - check_cluster
.....
.....
nagios-plugins-time.x86_64 : Nagios Plugin - check_time
nagios-plugins-ups.x86_64 : Nagios Plugin - check_ups
nagios-plugins-uptime.x86_64 : Nagios Plugin - check_uptime
nagios-plugins-users.x86_64 : Nagios Plugin - check_users
nagios-plugins-wave.x86_64 : Nagios Plugin - check_wave

[2] For example, add [check_ntp] plugin to monitor time difference between the System time and N
[root@dlp ~]# 
dnf --enablerepo=epel -y install nagios-plugins-ntp
[root@dlp ~]# 
vi /etc/nagios/objects/commands.cfg
# add follows to the end
define command {
command_name check_ntp_time
command_line $USER1$/check_ntp_time -H $ARG1$ -w $ARG2$ -c $ARG3$
}

[root@dlp ~]# 
vi /etc/nagios/objects/localhost.cfg
# add to the end
# Warning with 1 sec time difference, Critical with 2 sec difference

define service {
use local-service
host_name localhost
service_description NTP_TIME
check_command check_ntp_time!ntp.nict.jp!1!2
notifications_enabled 1
}

[root@dlp ~]# 
systemctl restart nagios

[3] It's possible to view the status for a new plugin on the admin site.
Add Target Host (Ping)
[1] For exmaple, add a Host as monitoring target with simply Ping command.
[root@dlp ~]# 
vi /etc/nagios/nagios.cfg
# line 51 : uncomment

cfg_dir=/etc/nagios/servers
[root@dlp ~]# 
mkdir /etc/nagios/servers
[root@dlp ~]# 
chgrp nagios /etc/nagios/servers

[root@dlp ~]# 
chmod 750 /etc/nagios/servers

[root@dlp ~]# 
vi /etc/nagios/servers/node01.cfg
# create new

define host {
use linux-server
host_name node01
alias node01
address 10.0.0.51
}
define service {
use generic-service
host_name node01
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}

[root@dlp ~]# 
systemctl restart nagios

[2] It's possible to see the status for a new server on the admin site.
 M a t c h e d C o n t e n t

Add Target Host (Services)

[1] Install [nrpe] on a target host you'd like to monitor services on it.
# install from EPEL

[root@node01 ~]# 
dnf --enablerepo=epel -y install nrpe nagios-plugins-{ping,disk,users,procs,load,swap,ssh}
[root@node01 ~]# 
vi /etc/nagios/nrpe.cfg
# line 106 : add access permission (specify Nagios server)

allowed_hosts=127.0.0.1,::1
,10.0.0.30
# line 122 : permit arguments of commands on here
dont_blame_nrpe=
1
# line 300 : comment out all

#
command[check_users]=/usr/lib64/nagios/plugins/check_users -w 5 -c 10
#
command[check_load]=/usr/lib64/nagios/plugins/check_load -r -w .15,.10,.05 -c .30,.25,.20
#
command[check_hda1]=/usr/lib64/nagios/plugins/check_disk -w 20% -c 10% -p /dev/hda1
#
command[check_zombie_procs]=/usr/lib64/nagios/plugins/check_procs -w 5 -c 10 -sZ
#
command[check_total_procs]=/usr/lib64/nagios/plugins/check_procs -w 150 -c 200
# line 305 : add follows

command[check_users]=/usr/lib64/nagios/plugins/check_users -w $ARG1$ -c $ARG2$

command[check_load]=/usr/lib64/nagios/plugins/check_load -w $ARG1$ -c $ARG2$
command[check_disk]=/usr/lib64/nagios/plugins/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
command[check_procs]=/usr/lib64/nagios/plugins/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$
[root@node01 ~]# 
systemctl enable --now nrpe

[2] If Firewalld is running , allow nrpe port.

[root@node01 ~]# 
firewall-cmd --add-port=5666/tcp

success
[root@node01 ~]# 
firewall-cmd --runtime-to-permanent

success
[3] Configure Nagios server.
[root@dlp ~]# 
dnf --enablerepo=epel -y install nagios-plugins-nrpe
[root@dlp ~]# 
vi /etc/nagios/nagios.cfg
# line 51 : uncomment

cfg_dir=/etc/nagios/servers
[root@dlp ~]# 
mkdir /etc/nagios/servers

[root@dlp ~]# 
chgrp nagios /etc/nagios/servers
[root@dlp ~]# 
chmod 750 /etc/nagios/servers

[root@dlp ~]# 
vi /etc/nagios/objects/commands.cfg
# add to the end

define command {
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

[root@dlp ~]# 
vi /etc/nagios/servers/node01.cfg
# create new

define host {
use linux-server
host_name node01
alias node01
address 10.0.0.51
}

# for ping
define service {
use generic-service
host_name node01
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}

# for free disk

define service {
use generic-service
host_name node01
service_description Root Partition
check_command check_nrpe!check_disk\!20%\!10%\!/
}

# for current users

define service {
use generic-service
host_name node01
service_description Current Users
check_command check_nrpe!check_users\!20\!50
}

# for total processes

define service {
 use generic-service
host_name node01
service_description Total Processes
check_command check_nrpe!check_procs\!250\!400\!RSZDT
}

# for current load

define service {
use generic-service
host_name node01
service_description Current Load
check_command check_nrpe!check_load\!5.0,4.0,3.0\!10.0,6.0,4.0
}

[root@dlp ~]# 
systemctl restart nagios

[4] It's possible to see the status for a new server on the admin site.