Creating new NRPE command definitions securely

In this recipe, we'll learn how to securely create new command definitions for nrpe to run upon request by a monitoring server. We need to do this, because even if we have a huge set of plugins installed on our target host running nrpe, the daemon will only run commands defined in its configuration file.

We'll also learn how arguments can be passed to these commands, if strictly necessary, and about the potentially negative security consequences of this.

Getting ready

You should have a target host configured for checking in a Nagios Core 4.0 or later monitoring server. The target host should be running the nrpe daemon. You can verify that nrpe is running with pgrep(1) or ps(1):

# pgrep nrpe
29964
# ps ...

Get Nagios Core Administration Cookbook - Second Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Nagios Core Administration Cookbook - Second Edition by Tom Ryder

Creating new NRPE command definitions securely

Getting ready

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly