NRPE

  • Llama (LMA) Charmers
Channel Revision Published Runs on
latest/stable 135 13 Nov 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/stable 106 28 Jul 2023
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/stable 75 09 Feb 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/stable 74 26 Jul 2021
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/candidate 135 31 Oct 2024
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/candidate 106 05 Jul 2023
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/candidate 75 09 Feb 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/candidate 74 19 Jul 2021
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04 Ubuntu 14.04
latest/beta 94 19 Aug 2022
Ubuntu 22.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 138 08 Nov 2024
Ubuntu 22.04 Ubuntu 21.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 137 08 Nov 2024
Ubuntu 22.04 Ubuntu 21.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 136 08 Nov 2024
Ubuntu 22.04 Ubuntu 21.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 113 20 Sep 2023
Ubuntu 22.04 Ubuntu 21.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
latest/edge 79 01 Mar 2022
Ubuntu 22.04 Ubuntu 21.04 Ubuntu 20.04 Ubuntu 18.04 Ubuntu 16.04
juju deploy nrpe
Show information

Learn to deploy on juju >

Platform:

Ubuntu
22.04 21.04 20.04 18.04 16.04 14.04

Learn about configurations >

  • arp_cache | string

    Default: -w 60 -c 80

    Enable arp cache usage check. By default, it will raise warning alert if arp cache entry is >= 60% of the threshold, and raise critical alert if arp cache entry is >= 80% of the threshold. Set to '' in order to disable this check.

  • cis_audit_enabled | boolean

    Enabled cis-audit cron job which periodically runs cis-audit and enables check_cis_audit.py which verifies that cis-audit was run recently with an acceptable score (see cis_audit_score) and optionally a specific profile (cis_audit_profile).

  • cis_audit_profile | string

    Verify that a specific cis audit profile was used for the audit. If not specified the profile will be extracted from '/var/log/cloud-init-output.log', fallback is 'level1_server'. Options are: '' (disable profile check), 'level1_server', 'level2_server', 'level1_workstation' or 'level2_workstation' See also https://ubuntu.com/security/certifications/docs/cis-audit Note that because of compatibility between Ubuntu 18.04 and 20.04, profiles are not using the 'cis_' prefix, but internally the charm is using the right profiles. E.g: level1_server is equivalent of cis_level1_server.

  • cis_audit_score | string

    Default: -w 85 -c 80

    CIS audit score threshold for alerts. Per default it only checks if hardening was run and if usg-cisbenchmark is installed and reports the score. To enable alerts base on the score this config option can be set. example: -w 85 -c 80

  • cis_audit_tailoring_file | string

    Custom cis profile xml file content. The content will be saved in /etc/usg/default-tailoring.xml. This option cannot be used with cis_audit_profile at the same time, otherwise the charm blocks. See also https://ubuntu.com/blog/cis-security-compliance-usg

  • conntrack | string

    Default: -w 80 -c 90

    Check conntrack (net.netfilter.nf_conntrack_count) against thresholds. . Set to '' in order to disable this check.

  • cpu_governor | string

    CPU governor check. The string value here will be checked against all CPUs in /sys/devices/system/cpu/cpu*/cpufreq/scaling_governor. The supported values are 'ondemand', 'performance', 'powersave'. Although this value is initially unset for most principal charms, for the following principal charms a default check for 'performance' will be deployed to aid the operator since for most use cases these applications will require all the available cpu power they need. If this value is set, the set value will take precedence over the default.

    • nova-compute
    • rabbitmq-server
    • kubernetes-worker
    • percona-cluster

  • debug | boolean

    Setting debug to True enables debug=1 in nrpe.cfg

  • disable_system_checks | boolean

    Disable all built-in system level NRPE checks. Setting this to "True" will force to disable all system level NRPE checks. By default, it's set to "False".

  • disk_root | string

    [DEPRECATED] Please use space_check config option. Root disk check. This can be made to also check non-root disk systems as follows: -u GB -w 20% -c 15% -r '/srv/juju/vol-' -C -u GB -w 25% -c 20% The string '-p /' will be appended to this check, so you must finish the string taking that into account. See the nagios check_disk plugin help for further details. . Set to '' in order to disable this check.

  • dont_blame_nrpe | boolean

    Setting dont_blame_nrpe to True sets dont_blame_nrpe=1 in nrpe.cfg This config option which allows specifying arguments to nrpe scripts. This can be a security risk so it is disabled by default. Nrpe is compiled with --enable-command-args option by default, which this option enables.

  • export_nagios_definitions | boolean

    If True nagios check definitions are written to '/var/lib/nagios/export' and rync is configured to allow nagios_master to collect them. Useful when Nagios is outside of the juju environment

  • hostcheck_inherit | string

    Default: server

    Hostcheck to inherit

  • hostgroups | string

    Comma separated list of hostgroups to add for these hosts

  • lacp_bonds | string

    LACP bond interfaces, space-delimited (ie. 'bond0 bond1')

  • load | string

    Default: auto

    Load check arguments (e.g. "-w 8,8,8 -c 15,15,15"); if 'auto' is set, thresholds will be set to multipliers of processor count for 1m, 5m and 15m thresholds, with warning as "(4, 2, 1)", and critical set to "(8, 4, 2)". So if you have two processors, you'd get thresholds of "-w 8,4,2 -c 16,8,4". . Set to '' in order to disable this check.

  • mem | string

    Default: -C -h -u -w 85 -c 90

    Check memory % used. By default, thresholds are applied to the non-hugepages portion of the memory. . Set to '' in order to disable this check.

  • monitors | string

    Additional monitors defined in the monitors yaml format (see README)

  • nagios_address_type | string

    Default: private

    Determines whether the nagios host check should use the private or public IP address of an instance. Can be "private" or "public".

  • nagios_host_context | string

    Default: juju

    A string which will be prepended to instance name to set the host name in nagios. So for instance the hostname would be something like: juju-postgresql-0 If you're running multiple environments with the same services in them this allows you to differentiate between them.

  • nagios_hostname_type | string

    Default: auto

    Determines whether a server is identified by its unit name or host name. If you're in a virtual environment, "unit" is probably best. If you're using MaaS, you may prefer "host". Use "auto" to have nrpe automatically distinguish between metal and non-metal hosts.

  • nagios_master | string

    Default: None

    IP address of the nagios master from which to allow NRPE access, and/or rsync if export_nagios_definitions is set to True. This setting allows the Nagios servers listed to connect to NRPE in addition to any added by relation data.

  • netlinks | string

    Network interfaces to monitor for correct link state, MTU size and speed negotiated. The first argument is either an interface name or a CIDR expression. Parsed keywords are "mtu", "speed", and "op". Other keywords are ignored. . Note that CIDR expressions can match multiple devices. . For example (multi-line starts with pipe):

    • 10.1.2.0/24 mtu:9000 speed:25000
    • eth0 mtu:9000 speed:25000
    • lo mtu:65536 op:unknown
    • br0-mgmt mtu:9000
    • br0-sta mtu:9000
    • br0-stc mtu:9000
    • br0-api mtu:1500
    • bond0 mtu:9000 speed:50000
    • bond0.25 mtu:1500 speed:50000
    • ens3 mtu:1500 speed:-1 desc:openstack_iface
    • ...

  • netlinks_skip_unfound_ifaces | boolean

    add --skip-unfound-ifaces to check_netlinks.py.

  • procs | string

    Set thresholds for number of running processes. Defaults to disabled; to enable, specify 'auto' for the charm to generate thresholds based on processor count, or manually provide arguments for check_procs, for example: "-k -w 250 -c 300" to set warning and critical levels manually and exclude kernel threads.

  • reboot | boolean

    Default: True

    Enable reboot check, it will raise critial alert if an unknown reboot is detected via uptime --since. Use action ack-reboot to acknowledge the alert. To acknowledge on all nrpe units, e.g., after a power outage, simply disable and re-enable this option.

  • ro_filesystem_excludes | string

    Default: /snap/,/sys/fs/cgroup,/run,/var/lib/docker

    Comma separated list of mount points to exclude from checks for readonly filesystem. Can be a substring rather than the entire mount point, e.g. /sys will match all filesystems beginning with the string /sys. The check is disabled on all LXD units, and also for non-container units if this parameter is set to ''.

  • server_port | int

    Default: 5666

    Port on which nagios-nrpe-server will listen

  • space_check | string

    Default: check: auto auto_params: -w 25% -c 20% -K 5%

    Disk space check. See the nagios check_disk plugin help for further details. . Set to "check: auto" to leave the charm discover and set default threshold for all detected mountpoints/block devices. Defaults threshold are set as a config entry in the yaml, for example auto_params: "-w 25% -c 20% -K 5%". . Set to 'check: disabled' in order to disable this check. . Config gets yaml as input, check can be either 'auto' or 'disabled'. Override values can be specified as a list in the overrides section of the yaml config. Example yaml formatted config: check: auto auto_params: -u GB -w 25% -c 20% -K 5% overrides:

    • mountpoint: / params: -u GB -w 20% -c 5% -K 5%
    • mountpoint: /var/tmp params: -u GB -w 15% -c 7% -K 3%
    • mountpoint: /var/log params: -u GB -w 10% -c 5% -K 2%

  • sub_postfix | string

    A string to be appended onto all the nrpe checks created by this charm to avoid potential clashes with existing checks

  • swap | string

    Check swap utilisation. See the nagios check_swap plugin help for further details. The format looks like "-w 40% -c 25%" . Set to '' in order to disable this check.

  • swap_activity | string

    Default: -i 5 -w 10240 -c 40960

    Swapout activity check. Thresholds are expressed in kB, interval in seconds. . Set to '' in order to disable this check.

  • systemd_scopes | string

    Default: -e 25 -E 50 -a 25 -A 25

    Set thresholds for abandoned and error state scopes in systemd.

    Threshold for scopes in error state: -e WARN_THRESH, --warn-error WARN_THRESH At the specified threshold number of error state scopes, raise a nagios WARN state (default: 25) -E CRIT_THRESH, --crit-error CRIT_THRESH At the specified threshold number of error state scopes, raise a nagios CRIT state (default: 50)

    Thresholds for scopes in abandoned state: -a WARN_THRESH, --warn-abandoned WARN_THRESH At the specified threshold number of abandoned state scopes, raise a nagios WARN state (default: 25) -A CRIT_THRESH, --crit-abandoned CRIT_THRESH At the specified threshold number of abandoned state scopes, raise a nagios CRIT state (default: 50)

    Set to '' in order to disable this check.

  • users | string

    Set thresholds for number of logged-in users. Defaults to disabled; to enable, manually provide arguments for check_user, for example: "-w 20 -c 25"

  • xfs_errors | string

    dmesg history length to check for xfs errors, in minutes . Defaults to disabled, set the time to enable.

  • zombies | string

    Zombie processes check; defaults to disabled. To enable, set the desired check_procs arguments pertaining to zombies, for example: "-w 3 -c 6 -s Z"