Overview of NRPE:
Installing and Configuring Nagios NRPE in Linux:
# cd /tmp
# wget http://internap.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
# tar -zxvf nrpe-2.12.tar.gz
# cd nrpe-2.12
# ./configure –enable-ssl –enable-command-args
(should create users/groups)
General Options:
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios
# make
# make install
# make install-daemon
# make install-daemon-CONFIG
# make install-xinetd
Install XInetD (Debian)
# apt-get install xinetd
# vim /etc/services
nrpe 5666/tcp
Allow Nagios user to execute commands (sudoers)
# visudo
nagios ALL=(ALL) NOPASSWD: /usr/local/nagios/libexec/
Configure xinetd to start on boot(debian)
# update-rc.d xinetd defaults
Configure Xinetd
# vim /etc/inetd.conf
Start xinetd(nrpe)
# /etc/init.d/xinetd start
# vim /etc/xinetd.d/nrpe
only_from =
# vim /usr/local/nagios/etc/nrpe.cfg
The commands configured to run by NRPE should be in here:
# vim /usr/local/nagios/etc/command_def.cfg
#Nagios Remote Commands Definition File
command[check_users]=/usr/local/nagios/libexec/check_users -w $ARG1$ -c $ARG2$
command[check_load]=/usr/local/nagios/libexec/check_load -w $ARG1$ -c $ARG2$
command[check_disk]=/usr/local/nagios/libexec/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$
with no arguments option set:
command[check_users]=/usr/local/nagios/libexec/check_users -w 2 -c 5
command[check_load]=/usr/local/nagios/libexec/check_load -w 10,20,30 -c 50,70,90
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 80 -c 90 -p /
ref. http://docs.cslabs.clarkson.edu/wiki/Monitor_a_Remote_Red_Hat_Based_Linux_Server_with_Nagios#Install_Needed_Packages


Log Files:
Set debug to 1 in :
# vim /usr/local/nagios/etc/nrpe.cfg
open another terminal and execute:
# tail -f /var/log/syslog
then start querying the server with check_nrpe commands
CHECK_NRPE: Error – Could not complete SSL handshake
is error message could be due to several problems:

1.Different versions. Make sure you are using the same version of the check_nrpe plugin and the NRPE daemon.
Newer versions of NRPE are usually not backward compatible with older versions.
2.SSL is disabled. Make sure both the NRPE daemon and the check_nrpe plugin were compiled with SSL support
and that neither are being run without SSL support (using command line switches).
3.Incorrect file permissions. Make sure the NRPE config file (nrpe.cfg) is readable by the user (i.e. nagios)
that executes the NRPE binary from inetd/xinetd.
4. Pseudo-random device files are not readable.Solaris 8 The files /devices/pseudo/random*
(linked through /dev/*random, and provided by Sun patch 112438) were not readable by the nagios
user I use to launch NRPE. Making the character devices world-readable solved it.”
5. Unallowed address. If you’re running the NRPE daemon under xinetd, make sure that you have a line in
the xinetd config file that say “only_from = xxx.xxx.xxx.xxx”, where xxx.xxx.xxx.xxx is the IP
address that you’re connected to the NRPE daemon from.

In my case it was none of this, I was missing the sudoers, and I was sending arguments (i had forgotten to compile with enable-args).

Tags: , , , , , , ,

3 thoughts on “Install NRPE in Linux

  1. There seems to be a problem with your suggested setting
    # vim /etc/xinetd.d/nrpe
    only_from =
    unless I am misunderstanding your meaning. The man page for xinetd.conf says: “Specifying this attribute without a value makes the service available to nobody.”

  2. In my case, the problem was that I had:
    allowed_hosts =
    once I removed the everything worked

Leave a Reply

Your email address will not be published. Required fields are marked *