Creating Host groups and adding Hosts to Nagios

Today we are going to discuss on Nagios Host group creation and Host addition for the Nagios platform. The host groups provide clean grouping of the hosts. 

Creating Host Groups in Nagios

  • Create a hostgroups.cfg using the below command

vi /usr/local/nagios/etc/objects/hostgroups.cfg

  • Then add the following to the hostgroups.cfg.

define hostgroup {
         hostgroup_name NAMEOFGROUP
         alias NAMEOFGROUP alias
}

  • Add the entry in the Nagios.cfg file

nano /usr/local/nagios/etc/nagios.cfg

  • Then, add the below line at the end of the file

cfg_file=/usr/local/nagios/etc/objects/hostgroups.cfg

  • Finally, we need to add the servers to the host group (as below)

define host {
host_name NAMEOFHOST
alias NAMEOFHOST
address xxx.xxx.xxx.xxx
hostgroups NAMEOFGROUP
}

  • Also, make sure to restart the nagios service – service nagios restart

Then, we will look at Host addition process

Continue reading “Creating Host groups and adding Hosts to Nagios”

On Agents (Ubuntu)

  • Install the NRPE tools – sudo apt-get install nagios-nrpe-server nagios-plugins
  • After that, need to define the Nagios server address

sudo nano /etc/nagios/nrpe.cfg

  • Then access the “allowed_hosts” section and update as appropiately [i.e: allowed_hosts=127.0.0.1, xxx.xxx.xxx.xxx]
  • Save and exit the changes, then restart the NRPE service

sudo systemctl restart nagios-nrpe-server

  • You may verify the NRPE service with the command – /usr/lib/nagios/plugins/check_load -w 15,10,5 -c 30,25,20

On Nagios Server

  • Once you are done with the Agents, you come back to the Nagios server. Even here, we start by installing the NRPE – sudo apt install nagios-nrpe-plugin
  • Then, access the relavent config file and enable “servers” category 

sudo nano /usr/local/nagios/etc/nagios.cfg

  • To enable cfg_dir=/usr/local/nagios/etc/servers simply uncomment the line
  • After that, we need to create custom commands for Monitoring sensors

sudo nano /usr/local/nagios/etc/objects/commands.cfg

  • In the bottom of cfg file, you may add the following (save and close to commit the changes)

define command {
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

  • Next, we need to create a client coniguration file – sudo nano /usr/local/nagios/etc/servers/client.cfg
  • There, you may define the host systems with the required object definitions

NOTE: make sure to verify whether the used syntaxes are correct with the below command. Also please refer the Nagios official documentation

sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

  • Finally, restart the nagios [sudo systemctl restart nagios] service and hopefully you should be seeing the Hosts

What is Cisco Defense Orchestrator ?

CDO is a cloud-based multi-device management portal. In my opinion, this is the best solution for service providers like cloud services and managed service providers. Simply you do not have to access each and every management portal. Simply using CDO, all the CISO security devices can be managed.

Features:

  • Fast platform migration
  • Fast deployment and device on-boarding
  • Pre-defined security templates
  • Simple upgrade process
  • Integration of 3rd party integrations

 

Supported Devices:

  • Adaptive Security Appliance (ASA)
  • Firepower Thread Defense (FTD)
  • Firepower Management Center (FMC)
  • Cisco IOS devices with Security Module
  • Meraki MX

support matrix: Data Sheet