Browsed by
Category: nagios

Monitor For Expiring SSL/TLS Certs with Nagios

Monitor For Expiring SSL/TLS Certs with Nagios

We’ve all been there. Your SSL/TLS certificate on your webserver, mail server, or <insert service name here> has expired and your users are miffed!!! Expiring SSL/TLS certificates have been a problem as long as I can remember and that was at a point when SSL certs could last for several years. Now we have Let’s Encrypt (@letsencrypt) in the fray of SSL/TLS certs and their certs only last a maximum of 90 days. Do you really think expiring certs won’t…

Read More Read More

Monitoring pfSense with Nagios Using SSH – part 3

Monitoring pfSense with Nagios Using SSH – part 3

Configuring the checks on Nagios XI This is the third and final part to monitoring pfSense with Nagios XI using SSH. If you missed either of the previous parts, I’ve included them below. Note: If you’re configuring this on Nagios Core, scroll down to the bottom of this page for the example commands.cfg and services.cfg files. Part 1: Setting up password-less SSH Part 2: Downloading and testing the checks Changelog 15Dec2017 – Originally posted 9May2018 – Added uptime and CPU…

Read More Read More

Monitoring pfSense with Nagios Using SSH – part 2

Monitoring pfSense with Nagios Using SSH – part 2

Downloading and testing the checks In the part 1, we setup password-less SSH. Now that we have a secure connection between the systems, we are quite a bit closer to securely running check commands using the SSH proxy on Nagios XI or the check_by_ssh on Nagios Core. Changelog 15Dec2017 – Originally posted 9May2018 – Added uptime and CPU temperature check as well as a Nagios Core example 11May2018 – Modified the check_pf_mem plugin 1June2018 – Added Nagios Core services.cfg and…

Read More Read More

Monitoring pfSense with Nagios Using SSH – part 1

Monitoring pfSense with Nagios Using SSH – part 1

Monitoring pfSense with Nagios XI or Core Using SSH Series This walkthrough will guide you through the process of monitoring your pfSense using SSH and Nagios. Though this was originally written with Nagios XI in mind, recent additions to this walkthrough have made the process far easier for those configuring it on Nagios Core. FWIW, the scripts could also be used with NRPE without issue, although I discuss why SSH is my preferred route below. The end of part 3…

Read More Read More

Nagios – ndo2db not running

Nagios – ndo2db not running

Your Nagios server was shutoff unexpectedly and now you see the “database backend” with a red exclamation in the web GUI. The only thing you can do is try to start the process, but it comes back with ndo2db is not running. Fortunately, the fix is pretty simple. Feel free to copy/paste the commands to avoid typos. Just make sure you omit the ‘#’ on each command otherwise the command won’t run. Assuming you have already tried restarting the ndo2db…

Read More Read More

Why Net Neutrality Is Vital For Entrepreneurs

Why Net Neutrality Is Vital For Entrepreneurs

The battle over net neutrality rages on and it has far-reaching implications beyond the US. Anyone who knows or follows me knows I am a huge fan of net neutrality. I’m not saying it is the only way to protect the free and open internet, but 1) it is one of the easiest, 2) it’s all we have, and 3) simple generally leads to less loopholes. For what it is worth, this isn’t a political discussion and I don’t intend…

Read More Read More

Installing Nagios XI on CentOS 7

Installing Nagios XI on CentOS 7

First things first, why CentOS 7 instead of 6? Well, CentOS 6 has issues with Python updating because of yum. Yes, you can install a separate instance, but it’s not fun and it can break down the road. Second, why not use the OVA provided by Nagios? As of September 2017, the version of Python on the OVA is ancient — 2.6.6. And because yum is tied to it, you can’t update it or you need to install a separate…

Read More Read More

Uncovering Indicators of Compromise

Uncovering Indicators of Compromise

Last updated: 16 October 2016 This is the new version of a paper and script I originally wrote as part of my SANS gold paper for the GCCC certification. The paper re-write was primarily in preparation for my presentation of the topic at the 2016 Nagios World Conference… Unfortunately, the conference was canceled. <sigh> Nonetheless, the paper now covers version 6 of the Critical Security Controls instead of 5.1. The original paper in PDF format can still be retrieved from the SANS…

Read More Read More