From 142820653f8d6a3fffacc9acde09ca74e22892bf Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Tue, 19 Sep 2017 17:55:40 +0200 Subject: Finished adding nagios policy along with simple nginx policy --- templates/nagios/conf.d/cobsd.adyxax.org.cfg | 6 + templates/nagios/conf.d/commands.cfg | 239 ++++++++++++++++++++++ templates/nagios/conf.d/console.adyxax.org.cfg | 6 + templates/nagios/conf.d/contacts.cfg | 12 ++ templates/nagios/conf.d/git.adyxax.org.cfg | 6 + templates/nagios/conf.d/hostgroups.cfg | 13 ++ templates/nagios/conf.d/mysql01.adyxax.org.cfg | 6 + templates/nagios/conf.d/nagios.adyxax.org.cfg | 33 +++ templates/nagios/conf.d/templates.cfg | 73 +++++++ templates/nagios/conf.d/tiddlywiki.adyxax.org.cfg | 6 + templates/nagios/conf.d/timeperiods.cfg | 54 +++++ 11 files changed, 454 insertions(+) create mode 100644 templates/nagios/conf.d/cobsd.adyxax.org.cfg create mode 100644 templates/nagios/conf.d/commands.cfg create mode 100644 templates/nagios/conf.d/console.adyxax.org.cfg create mode 100644 templates/nagios/conf.d/contacts.cfg create mode 100644 templates/nagios/conf.d/git.adyxax.org.cfg create mode 100644 templates/nagios/conf.d/hostgroups.cfg create mode 100644 templates/nagios/conf.d/mysql01.adyxax.org.cfg create mode 100644 templates/nagios/conf.d/nagios.adyxax.org.cfg create mode 100644 templates/nagios/conf.d/templates.cfg create mode 100644 templates/nagios/conf.d/tiddlywiki.adyxax.org.cfg create mode 100644 templates/nagios/conf.d/timeperiods.cfg (limited to 'templates/nagios/conf.d') diff --git a/templates/nagios/conf.d/cobsd.adyxax.org.cfg b/templates/nagios/conf.d/cobsd.adyxax.org.cfg new file mode 100644 index 0000000..84507f1 --- /dev/null +++ b/templates/nagios/conf.d/cobsd.adyxax.org.cfg @@ -0,0 +1,6 @@ +define host { + use freebsd-server + host_name cobsd.adyxax.org + address cobsd + parents nagios.adyxax.org +} diff --git a/templates/nagios/conf.d/commands.cfg b/templates/nagios/conf.d/commands.cfg new file mode 100644 index 0000000..3a4f3d3 --- /dev/null +++ b/templates/nagios/conf.d/commands.cfg @@ -0,0 +1,239 @@ +############################################################################### +# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS 4.3.2 +# +# +# NOTES: This config file provides you with some example command definitions +# that you can reference in host, service, and contact definitions. +# +# You don't need to keep commands in a separate file from your other +# object definitions. This has been done just to make things easier to +# understand. +# +############################################################################### + + +################################################################################ +# +# SAMPLE NOTIFICATION COMMANDS +# +# These are some example notification commands. They may or may not work on +# your system without modification. As an example, some systems will require +# you to use "/usr/bin/mailx" instead of "/usr/bin/mail" in the commands below. +# +################################################################################ + + +# 'notify-host-by-email' command definition +define command{ + command_name notify-host-by-email + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" $CONTACTEMAIL$ + } + +# 'notify-service-by-email' command definition +define command{ + command_name notify-service-by-email + command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" | /usr/bin/mail -s "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" $CONTACTEMAIL$ + } + + + + + +################################################################################ +# +# SAMPLE HOST CHECK COMMANDS +# +################################################################################ + + +# This command checks to see if a host is "alive" by pinging it +# The check must result in a 100% packet loss or 5 second (5000ms) round trip +# average time to produce a critical error. +# Note: Five ICMP echo packets are sent (determined by the '-p 5' argument) + +# 'check-host-alive' command definition +define command{ + command_name check-host-alive + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w 3000.0,80% -c 5000.0,100% -p 5 + } + + + + +################################################################################ +# +# SAMPLE SERVICE CHECK COMMANDS +# +# These are some example service check commands. They may or may not work on +# your system, as they must be modified for your plugins. See the HTML +# documentation on the plugins for examples of how to configure command definitions. +# +# NOTE: The following 'check_local_...' functions are designed to monitor +# various metrics on the host that Nagios is running on (i.e. this one). +################################################################################ + +# 'check_local_disk' command definition +define command{ + command_name check_local_disk + command_line $USER1$/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$ + } + + +# 'check_local_load' command definition +define command{ + command_name check_local_load + command_line $USER1$/check_load -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_procs' command definition +define command{ + command_name check_local_procs + command_line $USER1$/check_procs -w $ARG1$ -c $ARG2$ -s $ARG3$ + } + + +# 'check_local_users' command definition +define command{ + command_name check_local_users + command_line $USER1$/check_users -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_swap' command definition +define command{ + command_name check_local_swap + command_line $USER1$/check_swap -w $ARG1$ -c $ARG2$ + } + + +# 'check_local_mrtgtraf' command definition +define command{ + command_name check_local_mrtgtraf + command_line $USER1$/check_mrtgtraf -F $ARG1$ -a $ARG2$ -w $ARG3$ -c $ARG4$ -e $ARG5$ + } + + +################################################################################ +# NOTE: The following 'check_...' commands are used to monitor services on +# both local and remote hosts. +################################################################################ + +# 'check_ftp' command definition +define command{ + command_name check_ftp + command_line $USER1$/check_ftp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_hpjd' command definition +define command{ + command_name check_hpjd + command_line $USER1$/check_hpjd -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_snmp' command definition +define command{ + command_name check_snmp + command_line $USER1$/check_snmp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_http' command definition +define command{ + command_name check_http + command_line $USER1$/check_http -I $HOSTADDRESS$ $ARG1$ + } + + +# 'check_ssh' command definition +define command{ + command_name check_ssh + command_line $USER1$/check_ssh $ARG1$ $HOSTADDRESS$ + } + + +# 'check_dhcp' command definition +define command{ + command_name check_dhcp + command_line $USER1$/check_dhcp $ARG1$ + } + + +# 'check_ping' command definition +define command{ + command_name check_ping + command_line $USER1$/check_ping -H $HOSTADDRESS$ -w $ARG1$ -c $ARG2$ -p 5 + } + + +# 'check_pop' command definition +define command{ + command_name check_pop + command_line $USER1$/check_pop -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_imap' command definition +define command{ + command_name check_imap + command_line $USER1$/check_imap -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_smtp' command definition +define command{ + command_name check_smtp + command_line $USER1$/check_smtp -H $HOSTADDRESS$ $ARG1$ + } + + +# 'check_tcp' command definition +define command{ + command_name check_tcp + command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$ + } + + +# 'check_udp' command definition +define command{ + command_name check_udp + command_line $USER1$/check_udp -H $HOSTADDRESS$ -p $ARG1$ $ARG2$ + } + + +# 'check_nt' command definition +define command{ + command_name check_nt + command_line $USER1$/check_nt -H $HOSTADDRESS$ -p 12489 -v $ARG1$ $ARG2$ + } + + + +################################################################################ +# +# SAMPLE PERFORMANCE DATA COMMANDS +# +# These are sample performance data commands that can be used to send performance +# data output to two text files (one for hosts, another for services). If you +# plan on simply writing performance data out to a file, consider using the +# host_perfdata_file and service_perfdata_file options in the main config file. +# +################################################################################ + + +# 'process-host-perfdata' command definition +define command{ + command_name process-host-perfdata + command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/spool/nagios/host-perfdata.out + } + + +# 'process-service-perfdata' command definition +define command{ + command_name process-service-perfdata + command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/spool/nagios/service-perfdata.out + } + + diff --git a/templates/nagios/conf.d/console.adyxax.org.cfg b/templates/nagios/conf.d/console.adyxax.org.cfg new file mode 100644 index 0000000..49913d9 --- /dev/null +++ b/templates/nagios/conf.d/console.adyxax.org.cfg @@ -0,0 +1,6 @@ +define host { + use freebsd-server + host_name console.adyxax.org + address console.jail + parents cobsd.adyxax.org +} diff --git a/templates/nagios/conf.d/contacts.cfg b/templates/nagios/conf.d/contacts.cfg new file mode 100644 index 0000000..7a1f874 --- /dev/null +++ b/templates/nagios/conf.d/contacts.cfg @@ -0,0 +1,12 @@ +define contact { + contact_name julien + use generic-contact + alias Julien Dessaux + email root+nagios@adyxax.org +} + +define contactgroup { + contactgroup_name admins + alias Nagios Administrators + members julien +} diff --git a/templates/nagios/conf.d/git.adyxax.org.cfg b/templates/nagios/conf.d/git.adyxax.org.cfg new file mode 100644 index 0000000..1ad6f48 --- /dev/null +++ b/templates/nagios/conf.d/git.adyxax.org.cfg @@ -0,0 +1,6 @@ +define host { + use freebsd-server + host_name git.adyxax.org + address git.jail + parents cobsd.adyxax.org +} diff --git a/templates/nagios/conf.d/hostgroups.cfg b/templates/nagios/conf.d/hostgroups.cfg new file mode 100644 index 0000000..636bc5a --- /dev/null +++ b/templates/nagios/conf.d/hostgroups.cfg @@ -0,0 +1,13 @@ +define hostgroup { + hostgroup_name freebsd-servers + alias FreeBSD Servers + members cobsd.adyxax.org +} + +define hostgroup { + hostgroup_name freebsd-jails + alias FreeBSD Jails + members console.adyxax.org, \ + git.adyxax.org, \ + nagios.adyxax.org +} diff --git a/templates/nagios/conf.d/mysql01.adyxax.org.cfg b/templates/nagios/conf.d/mysql01.adyxax.org.cfg new file mode 100644 index 0000000..a7992d0 --- /dev/null +++ b/templates/nagios/conf.d/mysql01.adyxax.org.cfg @@ -0,0 +1,6 @@ +define host { + use freebsd-server + host_name mysql01.adyxax.org + address mysql01.jail + parents cobsd.adyxax.org +} diff --git a/templates/nagios/conf.d/nagios.adyxax.org.cfg b/templates/nagios/conf.d/nagios.adyxax.org.cfg new file mode 100644 index 0000000..96b7e5c --- /dev/null +++ b/templates/nagios/conf.d/nagios.adyxax.org.cfg @@ -0,0 +1,33 @@ +define host { + use freebsd-server + host_name nagios.adyxax.org + address 10.1.0.101 +} + +define service{ + use local-service + host_name nagios.adyxax.org + service_description Root Partition + check_command check_local_disk!20%!10%!/ +} + +define service{ + use local-service + host_name nagios.adyxax.org + service_description Current Load + check_command check_local_load!5.0,4.0,3.0!10.0,6.0,4.0 +} + +define service{ + use local-service + host_name nagios.adyxax.org + service_description Swap Usage + check_command check_local_swap!20!10 +} + +define service{ + use local-service + host_name nagios.adyxax.org + service_description SSH + check_command check_ssh +} diff --git a/templates/nagios/conf.d/templates.cfg b/templates/nagios/conf.d/templates.cfg new file mode 100644 index 0000000..f1f7fc9 --- /dev/null +++ b/templates/nagios/conf.d/templates.cfg @@ -0,0 +1,73 @@ +define contact { + name generic-contact ; The name of this contact template + service_notification_period 24x7 ; service notifications can be sent anytime + host_notification_period 24x7 ; host notifications can be sent anytime + service_notification_options w,u,c,r,f,s ; send notifications for all service states, flapping events, and scheduled downtime events + host_notification_options d,u,r,f,s ; send notifications for all host states, flapping events, and scheduled downtime events + service_notification_commands notify-service-by-email ; send service notifications via email + host_notification_commands notify-host-by-email ; send host notifications via email + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL CONTACT, JUST A TEMPLATE! +} + +define host { + name generic-host ; The name of this host template + notifications_enabled 1 ; Host notifications are enabled + event_handler_enabled 1 ; Host event handler is enabled + flap_detection_enabled 1 ; Flap detection is enabled + process_perf_data 1 ; Process performance data + retain_status_information 1 ; Retain status information across program restarts + retain_nonstatus_information 1 ; Retain non-status information across program restarts + notification_period 24x7 ; Send host notifications at any time + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE! +} + +define host { + name freebsd-server ; The name of this host template + use generic-host ; This template inherits other values from the generic-host template + check_period 24x7 ; By default, FreeBSD hosts are checked round the clock + check_interval 5 ; Actively check the host every 5 minutes + retry_interval 1 ; Schedule host check retries at 1 minute intervals + max_check_attempts 10 ; Check each FreeBSD host 10 times (max) + check_command check-host-alive ; Default command to check FreeBSD hosts + notification_period workhours ; FreeBSD admins hate to be woken up, so we only notify during the day + ; Note that the notification_period variable is being overridden from + ; the value that is inherited from the generic-host template! + ;notification_interval 120 ; Resend notifications every 2 hours + notification_options d,u,r ; Only send notifications for specific host states + contact_groups admins ; Notifications get sent to the admins by default + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST, JUST A TEMPLATE! +} + +define service { + name generic-service ; The 'name' of this service template + active_checks_enabled 1 ; Active service checks are enabled + passive_checks_enabled 1 ; Passive service checks are enabled/accepted + parallelize_check 1 ; Active service checks should be parallelized (disabling this can lead to major performance problems) + obsess_over_service 1 ; We should obsess over this service (if necessary) + check_freshness 0 ; Default is to NOT check service 'freshness' + notifications_enabled 1 ; Service notifications are enabled + event_handler_enabled 1 ; Service event handler is enabled + flap_detection_enabled 1 ; Flap detection is enabled + process_perf_data 1 ; Process performance data + retain_status_information 1 ; Retain status information across program restarts + retain_nonstatus_information 1 ; Retain non-status information across program restarts + is_volatile 0 ; The service is not volatile + check_period 24x7 ; The service can be checked at any time of the day + max_check_attempts 3 ; Re-check the service up to 3 times in order to determine its final (hard) state + check_interval 10 ; Check the service every 10 minutes under normal conditions + retry_interval 2 ; Re-check the service every two minutes until a hard state can be determined + contact_groups admins ; Notifications get sent out to everyone in the 'admins' group + notification_options w,u,c,r ; Send notifications about warning, unknown, critical, and recovery events + notification_interval 60 ; Re-notify about service problems every hour + notification_period 24x7 ; Notifications can be sent out at any time + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE! +} + +define service{ + name local-service ; The name of this service template + use generic-service ; Inherit default values from the generic-service definition + max_check_attempts 4 ; Re-check the service up to 4 times in order to determine its final (hard) state + check_interval 5 ; Check the service every 5 minutes under normal conditions + retry_interval 1 ; Re-check the service every minute until a hard state can be determined + register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL SERVICE, JUST A TEMPLATE! +} diff --git a/templates/nagios/conf.d/tiddlywiki.adyxax.org.cfg b/templates/nagios/conf.d/tiddlywiki.adyxax.org.cfg new file mode 100644 index 0000000..cecda77 --- /dev/null +++ b/templates/nagios/conf.d/tiddlywiki.adyxax.org.cfg @@ -0,0 +1,6 @@ +define host { + use freebsd-server + host_name tiddlywiki.adyxax.org + address tiddlywiki.jail + parents cobsd.adyxax.org +} diff --git a/templates/nagios/conf.d/timeperiods.cfg b/templates/nagios/conf.d/timeperiods.cfg new file mode 100644 index 0000000..be21dcf --- /dev/null +++ b/templates/nagios/conf.d/timeperiods.cfg @@ -0,0 +1,54 @@ +define timeperiod { + timeperiod_name 24x7 + alias 24 Hours A Day, 7 Days A Week + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 +} + +define timeperiod { + timeperiod_name workhours + alias Normal Work Hours + monday 09:00-18:00 + tuesday 09:00-18:00 + wednesday 09:00-18:00 + thursday 09:00-18:00 + friday 09:00-18:00 +} + +define timeperiod { + timeperiod_name none + alias No Time Is A Good Time +} + +define timeperiod { + name us-holidays + timeperiod_name us-holidays + alias U.S. Holidays + + january 1 00:00-00:00 ; New Years + monday -1 may 00:00-00:00 ; Memorial Day (last Monday in May) + july 4 00:00-00:00 ; Independence Day + monday 1 september 00:00-00:00 ; Labor Day (first Monday in September) + thursday 4 november 00:00-00:00 ; Thanksgiving (4th Thursday in November) + december 25 00:00-00:00 ; Christmas +} + +define timeperiod { + timeperiod_name 24x7_sans_holidays + alias 24x7 Sans Holidays + + use us-holidays ; Get holiday exceptions from other timeperiod + + sunday 00:00-24:00 + monday 00:00-24:00 + tuesday 00:00-24:00 + wednesday 00:00-24:00 + thursday 00:00-24:00 + friday 00:00-24:00 + saturday 00:00-24:00 +} -- cgit v1.2.3