Help with monitoring service with my custom plugins

Hi Guys,

We have Nagios Plugins to monitoring DNS, https, ldap services on librenms, monitoring sthese services are fine. But the check_udp plugin does not work. So I have made an own simple plugin to check radius port UDP 1812. The command is working fine:
[email protected]:/usr/lib/nagios/plugins# ./check_udp_radius
OK: Radius UDP 1812 is openning

But when I used my own plugin on Librenms service check, I got Critical: Radius UDP 1812 is down. Can someone help me on this? I don’t understand why command is running OK, but service check is showing Critical on Librenms.

My plugin code:
[email protected]:/usr/lib/nagios/plugins# cat check_udp_radius
#!/bin/bash
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3
STATE_DEPENDENT=4

result=/usr/bin/nmap -sU -p 1812 192.168.20.20
#echo $result

if [[ $result != “udp open” ]]; then
echo “OK: Radius UDP 1812 is openning”
exit ${STATE_OK}
else
echo “CRITICAL: Radius UDP 1812 is down”
exit ${STATE_CRITICAL}
fi
[email protected]:/usr/lib/nagios/plugins#

Probably little to do with LibreNMS, but two observations:

  1. the nmap call you are making requires root privileges
  2. the bash script has a couple of errors

See this for ./check-services.php -d debugging to get more script output/feedback about other potential issues: Nagios Plugins - LibreNMS Docs

I predict you’ll see this in the output:

You requested a scan type which requires root privileges.
QUITTING!
Perf Data - None.
Response: “CRITICAL: Radius UDP 1812 is down”

So either get sudo working correctly for nmap and fix the script errors, or switch to netcat (see further down).

If you’re staying with the method you have, your bash if block and the result call should be something more like:

result=$(/usr/bin/nmap -sU -p 1812 x.x.x.x)
...
if [[ $( echo $result | grep "udp open") ]]; then
...

You’d have to get sudo going though, which will have its own challenges.

If you want to use netcat, you could do it as lazily as this:

nc -v -u -z -w 3 x.x.x.x 1812 > /dev/null 2>&1
...
if [[ $? -eq 0 ]]; then
...

Note that on my distro, I need the verbose -v flag to get nc return codes, and in the case of success it will output something like Connection to x.x.x.x 1812 port [udp/syslog] succeeded! - hence the /dev/null redirect. Best do your own netcat testing/research to find the best method.

Thank you rhinoau! :slight_smile: it requires root privileges. The nmap requires root perms to scan the port.
Do you know what to do with this?
Add the following to /etc/sudoers??, it looks for NAGIOSXI:
NAGIOSXI ALL = NOPASSWD:/usr/local/nagios/libexec/check_udp_port *

################################################
[email protected]:~$ ./check-services.php -d
DEBUG!
Starting service polling run:

SQL[SELECT D.,S.,attrib_value FROM devices AS D INNER JOIN services AS S ON S.device_id = D.device_id AND D.disabled = 0 LEFT JOIN devices_attribs as A ON D.device_id = A.device_id AND A.attrib_type = “override_icmp_disable” ORDER by D.device_id DESC; [] 11.31ms]

Nagios Service - 12
Request: ‘/usr/lib/nagios/plugins/check_udp_port’ ‘-H’ ‘10.102.34.19’ ‘-H’ ‘10.102.34.19’ ‘-p’ ‘1812’ ‘-s’ ‘radius’
You requested a scan type which requires root privileges.
QUITTING!
Perf Data - None.
Response:

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.