{"id":46213,"date":"2024-05-07T06:45:57","date_gmt":"2024-05-07T06:45:57","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=46213"},"modified":"2024-05-29T03:05:10","modified_gmt":"2024-05-29T03:05:10","slug":"icinga-how-to-add-new-remote-server-check-in-icinga2-with-ssh-protocol","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/icinga-how-to-add-new-remote-server-check-in-icinga2-with-ssh-protocol\/","title":{"rendered":"icinga: How to add new remote server check in icinga2 with SSH Protocol"},"content":{"rendered":"
To add a new<\/span> remote server for<\/span> monitoring in Icinga 2<\/span> using SSH checks, you'll need to configure SSH access between your Icinga 2 master server and the remote server, and then set up the necessary check commands to execute monitoring tasks over SSH. Here\u2019s a detailed step-by-step guide on how to do it:\n\nStep 1: Set Up SSH Key Authentication\nGenerate SSH Key on the Master Server:\nIf you do not already have an SSH key, generate one on your Icinga 2 master server:\n\nssh-keygen -t rsa -b 2048\nFollow the prompts, and choose a secure location to save the key (if not using the default).\nCopy the SSH Public Key to the Remote Server:\nUse ssh-copy-id to copy the public key to the remote server. This enables passwordless SSH access:\n\nssh-copy-id -i ~\/.ssh\/id_rsa.pub your-username@remote-server-ip\nReplace your-username with the appropriate user on the remote server that has the necessary permissions to execute monitoring plugins.\n\nStep 2: Install Necessary Plugins on the Remote Server\nInstall Monitoring Plugins:\nEnsure that the necessary monitoring plugins are installed on the remote server. These are typically available in the monitoring-plugins package:\n\nsudo apt-get install monitoring-plugins\n\nStep 3: Configure Icinga 2 for SSH Checks\nDefine Check Commands:\nDefine a new check command on the master server to perform checks over SSH. Edit your commands configuration file (e.g., \/etc\/icinga2\/conf.d\/commands.conf):\n\nobject CheckCommand \"ssh-disk\" {\n  import \"plugin-check-command\"\n  command = [ PluginDir + \"\/check_by_ssh\" ]\n\n  arguments = {\n    \"-H\" = \"$address$\"\n    \"-C\" = \"$ssh_command$\"\n    \"-l\" = \"$user$\"\n    \"-i\" = \"$ssh_identity_file$\"\n  }\n\n  vars.user = \"your-username\"\n  vars.ssh_identity_file = \"\/home\/your-username\/.ssh\/id_rsa\"\n  vars.ssh_command = \"\/usr\/lib\/nagios\/plugins\/check_disk -w 20% -c 10%\"\n}\nAdjust vars.ssh_command with the appropriate monitoring command and thresholds.\n\nStep 4: Configure Host and Service Objects\nAdd the Remote Host:\nDefine the remote server in your host configuration file (e.g., \/etc\/icinga2\/conf.d\/hosts.conf):\n\nobject Host \"remote-server\" {\n  import \"generic-host\"\n  address = \"remote-server-ip\"\n  check_command = \"hostalive\"\n  vars.os = \"Linux\"\n}\nAdd Services Using SSH Checks:\nDefine a service that uses the SSH check command in your services configuration file (e.g., \/etc\/icinga2\/conf.d\/services.conf):\n\napply Service \"ssh-disk-check\" {\n  import \"generic-service\"\n  check_command = \"ssh-disk\"\n  assign where host.name == \"remote-server\"\n}\n\nStep 5: Reload Icinga 2 Configuration\nCheck Configuration for Errors:\nBefore reloading the service, check the configuration for any errors:\n\nsudo icinga2 daemon -C\nReload Icinga 2:\nIf there are no configuration errors, reload Icinga 2 to apply changes:\n\nsudo systemctl reload icinga2\nStep 6: Verify and Monitor\nVerify Operation:\nLog into Icinga Web 2 and check that the new service is reporting correctly.\nEnsure that the SSH checks are returning the expected results.\nBy following these steps, you will successfully add a new remote server to your Icinga 2 monitoring setup using SSH checks. This method is beneficial when you cannot install the Icinga 2 agent on a remote server but still have SSH access.<\/span><\/code><\/span>Code language:<\/span> PHP<\/span> (<\/span>php<\/span>)<\/span><\/small><\/pre>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_joinchat":[],"footnotes":""},"categories":[8217],"tags":[],"class_list":["post-46213","post","type-post","status-publish","format-standard","hentry","category-icinga"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=46213"}],"version-history":[{"count":1,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46213\/revisions"}],"predecessor-version":[{"id":46214,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/46213\/revisions\/46214"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=46213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=46213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=46213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}