Tag Archives: things

A series of new IoT botnets plague connected devices

Internet of things botnets continue to plague connected devices with two new botnets appearing this week.

The first of the IoT botnets causing trouble was discovered by security researchers at Bitdefender and is called Hide ‘N Seek, or HNS. HNS was first noticed on January 10, “faded away” for a few days and then reemerged on January 20 in a slightly different form, according to Bitdefender senior e-threat analyst Bogdan Botezatu. Since then, HNS — which started with only 12 compromised devices — had amassed over 32,000 bots worldwide as of January 26. Most of the affected devices are Korean-manufactured IP cameras.

“The HNS botnet communicates in a complex and decentralized manner and uses multiple anti-tampering techniques to prevent a third party from hijacking/poisoning it,” Botezatu explained in his analysis of HNS, also noting that the bot can perform device exploits similar to those done by the Reaper botnet. “The bot embeds a plurality of commands such as data exfiltration, code execution and interference with a device’s operation.”

Botezatu also explained that HNS works sort of like a worm in that it uses a randomly generated list of IP addresses to get potential targets. The list of targets can be updated in real time as the botnet grows or bots are lost or gained. Luckily, like other IoT botnets, the HNS “cannot achieve persistence” and a device reboot will remove it from the botnet.

“While IoT botnets have been around for years, mainly used for DDoS attacks, the discoveries made during the investigation of the Hide and Seek bot reveal greater levels of complexity and novel capabilities such as information theft — potentially suitable for espionage or extortion,” Botezatu said.

Unlike other recent IoT botnets, HNS is different from the infamous Mirai malware, and is instead similar to the Hajime botnet. Like Hajime, HNS has a “decentralized peer-to-peer architecture.”

The Masuta botnets

Two other new botnets on the scene do show similarities to Mirai, however.

The Masuta and PureMasuta variant were discovered by researchers at the company NewSky Security and appear to be the work of the Satori botnet creators. The Satori botnet targeted Huawei routers earlier this month, and the Masuta botnets now also target home routers.

According to the research from NewSky Security, Masuta shares a similar attack method with Mirai and uses weak, known or default credentials to access the targeted devices. PureMasuta is a bit more sophisticated and exploits a network administration bug uncovered in 2015 in D-Link’s Home Network Administration Protocol, which relies on the Simple Object Access Protocol to manage device configuration.

“Protocol exploits are more desirable for threat actors as they usually have a wider scope,” Ankit Anubhav, principal researcher at NewSky Security, wrote in the analysis of the botnets. “A protocol can be implemented by various vendors/models and a bug in the protocol itself can get carried on to a wider range of devices.”

PureMasuta has been infecting devices since September 2017.

In other news

  • Kaspersky Lab filed a preliminary injunction as part of its appeal against the U.S. Department of Homeland Security’s ban on the use of the company’s products in government agencies. The ban was originally issued in September 2017 in response to concerns that the Moscow-based security company helped the Russian government gather data on the U.S. through its antivirus software and other products. The ban, Binding Operational Directive (BOD) 17-01, was reinforced in December 2017 in the National Defense Authorization Act, despite offers from Kaspersky to have the U.S. government investigate its products and operations. In response to the National Defense Authorization Act, Kaspersky Lab filed a lawsuit against the U.S. government saying that the ban was unconstitutional. As part of the lawsuit, the injunction would, for now, stop the government ban on BOD 17-01.
  • The PCI Security Standards Council (PCI SSC) published new security requirements for mobile point-of-sale systems. The requirements focus on software-based PIN entry on commercial off-the-shelf (COTS) mobile devices. Requirements already exist for hardware-based devices that accept PINs, so these standards expand on them. The so-called PCI Software-Based PIN Entry on COTS (SPoC) Standard introduces a “requirement for a back-end monitoring system for additional external security controls such as attestation (to ensure the security mechanisms are intact and operational), detection (to notify when anomalies are present) and response (controls to alert and take action) to address anomalies,” according to PCI SSC CTO Troy Leach. The standard consists of two documents: the Security Requirements for solution providers, including designers of applications that accept PINS; and the Test Requirements, which “create validation mechanisms for payment security laboratories to evaluate the security” of the PIN processing apps. The SPoC security requirements focus on five core principles, according to Leach:
    • isolation of the PIN from other account data;
    • ensuring the software security and integrity of the PIN entry application on the COTS device;
    • active monitoring of the service, to mitigate against potential threats to the payment environment within the phone or tablet;
    • Required Secure Card Reader for PIN (SCRP) to encrypt and maintain confidentiality of account data; and
    • transactions restricted to EMV contact and contactless.
  • Alphabet, best known for being Google’s parent company, launched a new cybersecurity company — Chronicle. Chronicle is an offshoot of the group X and will be a stand-alone company under Alphabet. Former Symantec COO Stephen Gillett will be the company’s CEO. Chronicle offers two services to enterprises: a security intelligence and analytics platform and VirusTotal, an online malware and virus scanner Google acquired in 2012. “We want to 10x the speed and impact of security teams’ work by making it much easier, faster and more cost-effective for them to capture and analyze security signals that have previously been too difficult and expensive to find,” Gillett said in a blog post announcing the company launch. “We are building our intelligence and analytics platform to solve this problem.” The announcement did not provide many specifics, but the launch could pose a significant threat to cybersecurity vendors that do not have access to the same resources as a company with the same parent as Google.

For Sale – Cryorig H7 Quad Lumi RGB & x2 be quiet! SilentWings 3 140mm PWM Fans

A couple things for sale.

Cryorig H7 Quad Lumi RGB (Used once)
£47 delivered
[​IMG]


x2 be quiet! SilentWings 3 140mm PWM (Used for 10 mins))
£27 delivered
[​IMG]

Price and currency: £47 & £27
Delivery: Delivery cost is included within my country
Payment method: PP
Location: Great Missenden
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Cryorig H7 Quad Lumi RGB & x2 be quiet! SilentWings 3 140mm PWM Fans

A couple things for sale.

Cryorig H7 Quad Lumi RGB (Used once)
£47 delivered
[​IMG]


x2 be quiet! SilentWings 3 140mm PWM (Used for 10 mins))
£27 delivered
[​IMG]

Price and currency: £49
Delivery: Delivery cost is included within my country
Payment method: PP
Location: Great Missenden
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Cryorig H7 Quad Lumi RGB & x2 be quiet! SilentWings 3 140mm PWM Fans

A couple things for sale.

Cryorig H7 Quad Lumi RGB (Used once)
£49 delivered
[​IMG]


x2 be quiet! SilentWings 3 140mm PWM (Used for 10 mins))
£30 delivered
[​IMG]

Price and currency: £49
Delivery: Delivery cost is included within my country
Payment method: PP
Location: Great Missenden
Advertised elsewhere?: Advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

How to Monitor Hyper-V Performance using PNP4Nagios

At a high level, you need three things to run a trouble-free datacenter (even if your datacenter consists of two mini-tower systems stuffed in a closet): intelligent architecture, monitoring, and trend analysis. Intelligent architecture consists of making good purchase decisions and designing virtual machines that can appropriately handle their load. Monitoring allows you to prevent or respond quickly to emergent situations. Trend analysis helps you to determine how well your reality matches your projections and greatly assists in future architectural decisions. In this article, we’re going to focus on trend analysis. We will set up a data collection and graphing system called “PNP4Nagios” that will allow you to track anything that you can measure. It will hold that data for four years. You can display it in graphs on demand.

What You Get

I know that intro was a little heavy. So, to put it more simply, I’m giving you graphs. Want to know how much CPU that VM has been using? Trying to figure out how quickly your VMs are filling up your Cluster Shared Volumes? Curious about a VM’s memory usage? We have all of that.

Where I find it most useful: Getting rid of vendor excuses. We all have at least one of those vendors that claim that we’re not providing enough CPU or memory or disk or a combination. Now, you can visually determine the reasonableness of their demands.

First, the host and service screens in Nagios will get a new graph icon next to every host and service that track performance data. Also, hovering over one of those graph icons will show a preview of the most recent chart:

p4n_mainscreen

Second, clicking any of those icons will open a new tab with the performance data graph for the selected item.

p4n_chartpage

Just as the Nagios pages periodically refresh, the PNP4Nagios page will update itself.

Additionally, you can do the following:

  • Click-dragging a section on a graph will cause it to zoom. If you’ve ever used the zoom feature in Performance Monitor, this is similar.
  • In the Actions bar, you can:
    • Set a custom time/date range to graph
    • Generate a PDF of the visible charts
    • Generate XML summary data
  • Create a “basket” of the graphs that you view most. The basket persists between sessions, so you can build a dashboard of your favorite charts

What You Need

Fortunately, you don’t need much to get going with PNP4Nagios.

Fiscal Cost

Let’s answer the most important question: what does it cost? PNP4Nagios does not require you to purchase anything. Their site does include a Donate button. If your organization finds PNP4Nagios useful, it would be good to throw a few dollars their way.

You’ll need an infrastructure to install PNP4Nagios on, of course. We’ll wrap that up into the later segments.

Nagios

As its name implies, PNP4Nagios needs Nagios. PNP4Nagios installs alongside Nagios on the same system. We have a couple of walkthroughs for installing Nagios as a Hyper-V guest, divided by distribution.

The installation really doesn’t change much between distributions. The differences lie in how you install the prerequisites and in how you configure Apache. If you know those things about your distribution, then you should be able to use either of the two linked walkthroughs to great effect. If you’d rather see something on your exact distribution, the official Nagios project has stepped up its game on documentation. If we haven’t got instructions for your distribution, maybe they do. There are still things that I do differently, but nothing of critical importance. Also, being a Hyper-V blog, I have included special items just for monitoring Hyper-V, so definitely look at the post-installation steps of my articles.

Also, if you want to use SSL and Active Directory to secure your Nagios installation, we’ve got an article for that.

Disk Space

According to the PNP4Nagios documentation, each item that you monitor will require about 400 kilobytes once it has reached maximum data retention. That assumes that you will leave the default historical interval and retention lengths. More information can be found on the PNP4Nagios site. So, 20 systems with 12 monitors apiece will use about 96 megabytes.

PNP4Nagios itself appears to use around 7 megabytes once installed and extracted.

Downloading PNP4Nagios

PNP4Nagios is distributed on Sourceforge: https://sourceforge.net/projects/pnp4nagios/files/latest/download.

As always, I recommend that you download to a standard workstation and then transfer the files to the Nagios server. Since I operate using a Windows PC and run Nagios on a Linux system, WinSCP is my choice of transfer tool.

On my Linux systems, I create a “Download” directory in my home folder and place everything there. The install portion of my instructions will be written using the file’s location as a starting point. So, for me, I begin with
cd ~/Downloads.

Installing PNP4Nagios

PNP4Nagios installs quite easily.

PNP4Nagios Prerequisites

Most of the prerequisites for PNP4Nagios automatically exist in most Linux distributions. Most of the remainder will have been satisfied when you installed Nagios. The documentation lists them: http://docs.pnp4nagios.org/pnp-0.6/about#required_software.

  • Perl, at least version 5. To check your installed Perl version:
    perl v
  • RRDTool: This one will not be installed automatically or during a regular Nagios build. Most distributions include it in their mainstream repositories. Install with your distribution’s package manager.
    • CentOS and most other RedHat-based distributions:
      sudo yum install perlrrdtool
    • SUSE-based systems:
      sudo zypper install rrdtool
    • Ubuntu and most other Debian-based distributions:
      sudo apt install rrdtool librrdsperl
  • PHP, at least version 5. This would have been installed with Nagios. Check with:
    php v
  • GD extension for PHP. You might have installed this with Nagios. Easiest way to check is to just install it; it will tell you if you’ve already got it.
    • CentOS and most other RedHat-based distributions:
      sudo yum install phpgd
    • SUSE-based systems:
      sudo zypper install phpgd
    • Ubuntu and most other Debian-based distributions:
      sudo apt install phpgd
  • mod_rewrite extension for Apache. This should have been installed along with Nagios. How you check depends on whether your distribution uses “apache2” or “httpd” as the name of the Apache executable:
    • CentOS and most other RedHat-based distributions:
      sudo httpd M | grep rewrite
    • Ubuntu, openSUSE, and most Debian and SUSE distributions:
      sudo apache2ctl M | grep rewrite
  • There will be a bit more on this in the troubleshooting section near the end of the article, but if you’re running a more current version of PHP (like 7), then you may not have the XML extension built-in. I only ran into this problem on my Ubuntu installation. I solved it with this:
    sudo apt install phpxml
  • openSUSE was missing a couple of PHP modules on my system:
    sudo zypper install phpsockets phpzlib

If you are missing anything that I did not include instructions for, you can visit one of my articles on installing Nagios. If I haven’t got one for your distribution, then you’ll need to search for instructions elsewhere.

Unpacking and Installing PNP4Nagios

As I mentioned in the download section, I place my downloaded files in ~/Downloads. I start from there (with
cd ~/Downloads). Start these directions in the folder where you placed your downloaded PNP4Nagios tarball.

  1. Unpack the tarball. I wrote these directions with version 0.6.26. Modify your command as necessary (don’t forget about tab completion!):
    tar xzf pnp4nagios0.6.26.tar.gz
  2. Move to the unpacked folder:
    cd ./pnp4nagios0.6.26/
  3. Next, you will need to configure the installer. Most of us can just use it as-is. Some of us will need to override some things, such as the Nagios user groups. To determine if that applies to you, open /usr/local/nagios/etc/nagios.cfg. Look for the following section:



    If both nagios_user and nagios_group are “nagios”, then you don’t need to do anything special.
    Regular configuration:
    ./configure
    Configuration with overrides:
    ./configure withnagiosuser=naguser withnagiosgroup=nagcmd .
    Other overrides are available. You can view them all with
    ./configure help. One useful override would be to change the location of the emitted perfdata files to an auxiliary volume to control space usage. On my Ubuntu system, I needed to override the location of the Apache conf files:
    ./configure withhttpdconf=/etc/apache2/sitesavailable

  4. When configure completes, check its output. Verify that everything looks OK. Especially pay attention to “Apache Config File” — note the value because you will access it later. If anything looks off, install any missing prerequisites and/or use the appropriate configure options. You can continue running ./configure until everything suits your needs.
  5. Compile the program:
    make all. If you have an “oh no!” moment in which you realize that you missed something, you can still re-run ./configure and then compile again.
  6. Because we’re doing a new installation, we will have it install everything:
    sudo make fullinstall. Be aware that we are now using sudo. That’s because it will need to copy files into locations that your regular account won’t have access to. For an upgrade, you’d likely only want
    sudo make install. Please check the documentation for additional notes about upgrading. If you didn’t pay attention to the output file locations during configure, they’ll be displayed to you again.
  7. We’re going to be adding a bit of flair to our Nagios links. Enable the pop-up extension with:
    sudo cp ./contrib/ssi/statusheader.ssi /usr/local/nagios/share/ssi/

Installation is complete. We haven’t wired it into Nagios yet, so don’t expect any fireworks.

Configure Apache Security for PNP4Nagios

If you just use the default Apache security for Nagios, then you can skip this whole section. As outlined in my previous article, I use Active Directory authentication. Really, all that you need to do is duplicate your existing security configuration to the new site. Remember how I told you to pay attention to the output of configure, specifically “Apache Config File”? That’s the file to look in.

My “fixed” file looks like this:

Only a single line needed to be changed to match my Nagios virtual directories.

Initial Verification of PNP4Nagios Installation

Before we go any further, let’s ensure that our work to this point has done what we expected.

  1. If you are using a distribution whose Apache enables and disables sites by symlinking into sites-available and you instructed PNP4Nagios to place its files there (ex: Ubuntu), enable the site:
    sudo a2ensite pnp4nagios.conf
  2. Restart Apache.
    1. CentOS and most other RedHat-based distributions:
      sudo service httpd restart
    2. Almost everyone else:
      sudo service apache2 restart
  3. If necessary, address any issues with Apache starting. For instance, Apache on my openSUSE box really did not like the “Order” and “Allow” directives.
  4. Once Apache starts correctly, access http://yournagiosserveraddress/pnp4nagios. For instance, my internal URL is http://nagios.siron.int/pnp4nagios. Remember that you copied over your Nagios security configuration, so you will log in using the same credentials that you use on a normal Nagios site.
  5. Fix any problems indicated by the web page. Continue reloading the Apache server and the page as necessary until you get the green light:
    p4n_greenlight
  6. Remove the file that validates the installation:
    sudo rm /usr/local/pnp4nagios/share/install.php

Installation was painless on my CentOS and Ubuntu systems. openSUSE gave me more drama. In particular, it complained about “PHP zlib extension not available” and “PHP socket extension not available”. Very easy to fix:
sudo zypper install phpsockets phpzlib. Don’t forget to restart Apache after making these changes.

Initial Configuration of Nagios for PNP4Nagios

At this point, you have PNP4Nagios mostly prepared to do its job. However, if you try to access the URL, you’ll get a message that says that it doesn’t have any data: “perfdata directory “/usr/local/pnp4nagios/var/perfdata/” is empty. Please check your Nagios config.” Nagios needs to start feeding it data.

We start by making several global changes. If you are comparing my walkthrough to the official PNP4Nagios documentation, be aware that I am guiding you to a Bulk + NPCD configuration. I’ll talk about why after the how-to.

Global Nagios Configuration File Changes

In the text editor of your choice, open /usr/local/nagios/etc/nagios.cfg. Find each of the entries that I show in the following block and change them accordingly. Some don’t need anything other than to be uncommented:

Next, open /usr/local/nagios/etc/objects/templates.cfg. At the end, you’ll find some existing commands that mention “perfdata”. After those, add the commands from the following block. If you don’t use the initial Nagios sample files, then just place these commands in any active cfg file that makes sense to you.

Configuring NPCD

The performance collection method that we’re employing involves the Nagios Perfdata C Daemon (NPCD). The default configuration will work perfectly for this walkthrough. If you need something more from it, you can edit /usr/local/pnp4nagios/etc/npcd.cfg. We just want it to run as a daemon:

Enable it to run automatically at startup.

  • Most Red Hat and SUSE based distributions:
    sudo chkconfig add npcd
  • Ubuntu and most other Debian-based distributions:
    sudo updaterc.d npcd defaults

Configuring Hosts in Nagios for PNP4Nagios Graphing

If you made it here, you’ve successfully completed all the hard work! Now you just need to tell Nagios to start collecting performance data so that PNP4Nagios can graph it.

Note: I deviate substantially from the PNP4Nagios official documentation. If you follow those directions, you will quickly and easily set up every single host and every single service to gather data. I didn’t want that because I don’t find such a heavy hand to be particularly useful. You’ll need to do more work to exert finer control. In my opinion, that extra bit of work is worth it. I’ll explain why after the how-to.

If you followed the path of least resistance, every single host in your Nagios environment inherits from a single root source. Open /usr/local/nagios/etc/objects/templates.cfg. Find the define host object with a name of generic-host. Most likely, this is your master host object. Look at its configuration:

Now that you’ve enabled performance data processing in nagios.cfg, this means that Nagios and PNP4Nagios will now start graphing for every single host in your Nagios configuration. Sound good? Well, wait a second. What it really means is that it will graph the output of the check_command for every single host in your Nagios configuration. What is check_command in this case? Probably check_ping or check_icmp. The performance data that those output are the round-trip average and packets lost during pings from the Nagios server to the host in question. Is that really useful information? To track for four years?

I don’t really need that information. Certainly not for every host. So, I modified mine to look this:

What we have:

  • Our existing hosts are untouched. They’ll continue not recording performance data just as they always have.
  • A new, small host definition called “perf-host”. It also does not set up the recording of host performance data. However, its “action_url” setting will cause it to display a link to any graphs that belong to this host. You can use this with hosts that have graphed services but you don’t want the ping statistics tracked. To use it, you would set up/modify hosts and host templates to inherit from this template in addition to whatever host templates they already inherit from. For example:
    use perfhost,generichost.
  • A new, small host definition called “perf-host-pingdata”. It works exactly like “perf-host” except that it will capture the ping data as well. The extra bit on the end of the “action_url” will cause it to draw a little preview when you mouseover the link. To use it, you will set up/modify hosts and host templates to inherit from this template in addition to whatever host templates they already inherit from. For example:
    use perfhostpingdata,generichost.

Note: When setting the inheritance:

  • perf-host or perf-host-pingdata must come before any other host templates in a use line.
  • In some instances, including a space after the comma in a use line causes Nagios to panic if the name of the host does not also have a space (ex: you are using tabs instead of spaces on the
    name generic_host line. Make sure that all of your use directives have no spaces after any commas and you will never have a problem. Ex:
    use perfhost,generichost.

Remember to check the configuration and restart Nagios after any changes to the .cfg files:

Couldn’t You Just Set a Single Root Host for Inheritance?

An alternative to the above would be:

In this configuration, perf-host inherits directly from generic-host. You could then have all of your other systems inherit from perf-host instead of generic-host. The problem is that even in a fairly new Nagios installation, a fair number of hosts already inherit from generic-host. You’d need to determine which of those you wanted to edit and carefully consider how inheritance works. If you’re going to all of that trouble, it seems to me that maybe you should just directly edit the generic-host template and be done with it.

Truthfully, I’m only telling you what I do. Do whatever makes sense to you.

Configuring Services in Nagios for PNP4Nagios Graphing

You’ll get much more use of out service graphing than host graphing. Just as with hosts, the default configuration enables performance graphing for all services. Not all services emit performance data, and you may not want data from all services that do produce data. So, let’s fine-tune that configuration as well.

Still in /usr/local/nagios/etc/objects/templates.cfg, find the define service object with a name of generic-service. Disable performance data collection on it and add a stub service that enables performance graphing:

When you want to capture performance data from a service, prepend the new stub service to its use line. Ex:
use perfservice,genericservice. The warnings from the host section about the order of items and the lack of a space after the comma in the use line transfer to the service definition.

Remember to check the configuration and restart Nagios after any changes to the .cfg files:

Example Configurations

In case the above doesn’t make sense, I’ll show you what I’m doing.

Most of the check_nt services emit performance data. I’m especially interested in CPU, disk, and memory. The uptime service also emits data, but for some reason, it doesn’t use the defined “counter” mode. Instead, it’s just a graph that steadily increases at each interval until you reboot, then it starts over again at zero. I don’t find that terribly useful, especially since Nagios has its own perfectly capable host uptime graphs. So, I first configure the “windows-server” host to show the performance action_url. Then I configure the desired default Windows services to capture performance data.

My /usr/local/nagios/etc/objects/windows.cfg:

Now, my hosts that inherit from the default Windows template have the extra action icon, but my other hosts do not:

p4n_hostswithiconsThe same story on the services page; services that track performance data have an icon, but the others do not:

p4n_serviceswithicons

Troubleshooting your PNP4Nagios Deployment

Not getting any data? First of all, be patient, especially when you’re just getting started. I have shown you how to set up the bulk mode with NPCD which means that data captures and graphing are delayed. I’ll explain why later, but for now, just be aware that it will take some time before you get anything at all.

If it’s been some time, say, 15 minutes, and you’re still not getting any data. Go to verify.pnp4nagios.org/ and download the verify_pnp_config file. Transfer it to your Nagios host. I just plop it into my Downloads folder as usual. Navigate to the folder where you placed yours, then run:

That should give you the clues that you need to fix most any problems.

I did have one leftover problem, but only my Ubuntu system where I had updated to PHP 7. The verify script passed everything, but trying to load any PNP4Nagios page gave me this error: “Call to undefined function simplexml_load_file()”. I only needed to install the PHP XML package to fix that:
sudo apt install phpxml. I didn’t look up the equivalent on the other distributions.

Plugin Output for Performance Graphing

To determine if a plugin can be graphed, you could just look at its documentation. Otherwise, you’ll need to manually execute it from /usr/local/nagios/libexec. For instance, we’ll just use the first one that shows up on an Ubuntu system, check_apt:

p4n_testcheckoutput

See the pipe character (|) there after the available updates report? Then the jumble of characters after that? That’s all in the standard format for Nagios performance charting. That format is:

  1. A pipe character after the standard Nagios service monitoring result.
  2. A human-readable label. If the label includes any special characters, the entire label should be enclosed in single quotes.
  3. An equal sign (=)
  4. The reported value.
  5. Optionally, a unit of measure.
  6. A semi-colon, optionally followed by a value for the warning level. If the warning level is visible on the produced chart, it will be indicated by a horizontal yellow line.
  7. A semi-colon, optionally followed by a value for the critical level. If the warning level is visible on the produced chart, it will be indicated by a horizontal red line.
  8. A semicolon, optionally followed by the minimum value for the chart’s y-axis. Must be the same unit of measure as the value in #4. If not specified, PNP4Nagios will automatically set the minimum value. If this value would make the current value invisible, PNP4Nagios will set its own minimum.
  9. A semicolon, optionally followed by the maximum value for the chart’s y-axis. Must be the same unit of measure as the value in #4. If not specified, PNP4Nagios will automatically set the maximum value. If this value would make the current value invisible, PNP4Nagios will set its own maximum.

This format is defined by Nagios and PNP4Nagios conforms to it. You can read more about the format at: verify.pnp4nagios.org/

My plugins did not originally emit any performance data. I have been working on that and should hopefully have all of that work completed before you read this article.

My PNP4Nagios Configuration Philosophy

I had several decision points when setting up my system. You may choose to diverge as it meets your needs. I’ll use this section to explain why I made the choices that I did.

Why “Bulk with NPCD” Mode?

Initially, I tried to set up PNP4Nagios in “synchronous” mode. That would cause Nagios to instantly call on PNP4Nagios to generate performance data immediately after every check’s results were returned. I chose that initially because it seemed like the path of least resistance.

It didn’t work for me. I’m betting that I did something wrong. But, I didn’t get my problem sorted out. I found a lot more information on the NPCD mode. So, I switched. Then I researched the differences. I feel like I made the correct choice.

You can read up on the available modes yourself: http://docs.pnp4nagios.org/pnp-0.6/modes.

In synchronous mode, Nagios can’t do anything while PNP4Nagios processes the return information. That’s because it all occurs in the same thread; we call that behavior “blocking”. According to the PNP4Nagios documentation, that method “will work very good up to about 1,000 services in a 5-minute interval”. I assume that’s CPU-driven, but I don’t know. I also don’t know how to quantify or qualify “will work very good”. I also don’t know what sort of environments any of my readers are using.

Bulk mode moves the processing of data from per-return-of-results to gathering results for a while and then processing them all at once. The documentation says that testing showed that 2,000 services were processed in .06 seconds. That’s easier to translate to real-world systems, although I still don’t know the overall conditions that generated that benchmark.

When we add NPCD onto bulk mode, then we don’t block Nagios at all. Nagios still does the bulk gathering, but NPCD processes the data, not Nagios. I chose this method as it means that as long as your Nagios system is multi-core and not already overloaded, you should not encounter any meaningful interruption to your Nagios service by adding PNP4Nagios. It should also work well with most installation sizes. For really big Nagios/PNP4Nagios installations (also not qualified or quantified), you can follow their instructions on configuring “Gearman Mode”.

One drawback to this method: Your “4 Hour” charts will frequently show an empty space at the right of their charts. That’s because they will be drawn in-between collection/processing periods. All of the data will be filled in after a few minutes. You just may not have instant gratification.

Why Not Just Allow Every Host and Service to be Monitored?

The default configuration of PNP4Nagios results in every single host and every single service being enabled for monitoring. From an “ease-of-configuration” standpoint, that’s tempting. Once you’ve set the globals, you literally don’t have to do anything else.

However, we are also integrating directly with Nagios’ generated HTML pages. Whereas PNP4Nagios can determine that a service doesn’t have performance data because Nagios won’t have generated anything, the front-end just has an instruction to add a linked icon to every single service. So, if you just globally enable it, then you’ll get a lot of links that don’t work.

If you’re the only person using your environment, maybe that’s OK. But, if you share the environment, then you’ll start getting calls wanting to you to “fix” all those broken links. It won’t take long before you’re spending more time explaining (and re-explaining) that not all of the links have anything to show.

Why Not Just Change the Inheritance Tree?

If you want, you could have your performance-enabled hosts and services inherit from the generic-host/generic-service templates, then have later templates, hosts, and services inherit from those. If that works for you, then take that approach.

I chose to employ multiple inheritance as a way of overriding the default templates because it seemed like less effort to me. When I went to modify the services, I simply copied “perf-service,” to the clipboard and then selectively pasted it into the use line of every service that I wanted. It worked easier for me than a selective find-replace operation or manual replacement. It also seems to me that it would be easier to revert that decision if I make a mistake somewhere.

I can envision very solid arguments for handling this differently. I won’t argue. I just think that this approach was best for my situation.

For Sale – Lots of Hard Drives, Belkin Thunderbolt 3 Docks & an Apple Wireless Keyboard!

I went a bit crazy on Black Friday buying things and then finding something better/more suitable… I have an option to return them but am happy to offer them to folks at the Black Friday prices I paid. I’ve listed the prices I paid and then the current Amazon prices in brackets for reference. As such, please no silly offers as I can get the full amount back!

Everything is brand new, boxed and sealed apart from one of the Belkin Thunderbolt 3 docks which has been used for about 3 hours before realising it was unnecessary as an external hard drive did everything required!

Seagate 12TB Ironwolf Internal/NAS Hard Drive – £350 (£399)

WD Elements 3TB USB External Hard Drive – £77 (£109)

WD Elements 4TB USB External Hard Drive – £90 (£109)

Seagate Backup Plus 5TB Blue USB External Hard Drive – £115 (£141)

WD MyBook 8TB Desktop External Hard Drive – £177 (£204)

SanDisk SSD Plus 480Gb SSD – £110 (£125)

Crucial MX300 275Gb SSD – £73 (£79)

2 x Crucial MX300 1050Gb (1TB) SSD – £205 (£250)

2 x Belkin Thunderbolt 3 Dock – £200 opened, £225 Brand New (£300) This was bought from Apple so not Amazon priced…

Apple Magic Keyboard – Used but I still have the box, it’s the original Magic one so requires batteries. I’ve used it at home as part of my Media Centre for a couple of years but no longer need it. £50

I can post photos if required but hopefully my trader rating vouches for me and saves me the effort!!!

Cheers

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: PPG
Location: Bromsgrove
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Lots of Hard Drives, Belkin Thunderbolt 3 Docks & an Apple Wireless Keyboard!

I went a bit crazy on Black Friday buying things and then finding something better/more suitable… I have an option to return them but am happy to offer them to folks at the Black Friday prices I paid. I’ve listed the prices I paid and then the current Amazon prices in brackets for reference. As such, please no silly offers as I can get the full amount back!

Everything is brand new, boxed and sealed apart from one of the Belkin Thunderbolt 3 docks which has been used for about 3 hours before realising it was unnecessary as an external hard drive did everything required!

Seagate 12TB Ironwolf Internal/NAS Hard Drive – £350 (£399)

WD Elements 3TB USB External Hard Drive – £77 (£109)

WD Elements 4TB USB External Hard Drive – £90 (£109)

Seagate Backup Plus 5TB Blue USB External Hard Drive – £115 (£141)

WD MyBook 8TB Desktop External Hard Drive – £177 (£204)

SanDisk SSD Plus 480Gb SSD – £110 (£125)

Crucial MX300 275Gb SSD – £73 (£79)

2 x Crucial MX300 1050Gb (1TB) SSD – £205 (£250)

2 x Belkin Thunderbolt 3 Dock – £200 opened, £225 Brand New (£300) This was bought from Apple so not Amazon priced…

Apple Magic Keyboard – Used but I still have the box, it’s the original Magic one so requires batteries. I’ve used it at home as part of my Media Centre for a couple of years but no longer need it. £50

I can post photos if required but hopefully my trader rating vouches for me and saves me the effort!!!

Cheers

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: PPG
Location: Bromsgrove
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

For Sale – Lots of Hard Drives, Belkin Thunderbolt 3 Docks & an Apple Wireless Keyboard!

I went a bit crazy on Black Friday buying things and then finding something better/more suitable… I have an option to return them but am happy to offer them to folks at the Black Friday prices I paid. I’ve listed the prices I paid and then the current Amazon prices in brackets for reference. As such, please no silly offers as I can get the full amount back!

Everything is brand new, boxed and sealed apart from one of the Belkin Thunderbolt 3 docks which has been used for about 3 hours before realising it was unnecessary as an external hard drive did everything required!

Seagate 12TB Ironwolf Internal/NAS Hard Drive – £350 (£399)

WD Elements 3TB USB External Hard Drive – £77 (£109)

WD Elements 4TB USB External Hard Drive – £90 (£109)

Seagate Backup Plus 5TB Blue USB External Hard Drive – £115 (£141)

WD MyBook 8TB Desktop External Hard Drive – £177 (£204)

SanDisk SSD Plus 480Gb SSD – £110 (£125)

Crucial MX300 275Gb SSD – £73 (£79)

2 x Crucial MX300 1050Gb (1TB) SSD – £205 (£250)

2 x Belkin Thunderbolt 3 Dock – £200 opened, £225 Brand New (£300) This was bought from Apple so not Amazon priced…

Apple Magic Keyboard – Used but I still have the box, it’s the original Magic one so requires batteries. I’ve used it at home as part of my Media Centre for a couple of years but no longer need it. £50

I can post photos if required but hopefully my trader rating vouches for me and saves me the effort!!!

Cheers

Price and currency: Various
Delivery: Delivery cost is included within my country
Payment method: PPG
Location: Bromsgrove
Advertised elsewhere?: Not advertised elsewhere
Prefer goods collected?: I have no preference

______________________________________________________
This message is automatically inserted in all classifieds forum threads.
By replying to this thread you agree to abide by the trading rules detailed here.
Please be advised, all buyers and sellers should satisfy themselves that the other party is genuine by providing the following via private conversation to each other after negotiations are complete and prior to dispatching goods and making payment:

  • Landline telephone number. Make a call to check out the area code and number are correct, too
  • Name and address including postcode
  • Valid e-mail address

DO NOT proceed with a deal until you are completely satisfied with all details being correct. It’s in your best interest to check out these details yourself.

Announcing the Skype Professional Account Preview—doing business online made easy

People use Skype for lots of different things: chatting with friends and family, of course, but also giving music lessons, tutoring, consulting, and a whole lot more. We’re thrilled to announce that very soon these business owners and instructors are going to see some big changes with the way they use Skype.

The Skype Professional Account desktop client, soon to be released in preview in the U.S., adds powerful new features to Skype to make doing your online business a whole lot easier. In addition to meeting with your clients as you have been on Skype, you can also book those meetings, accept payments, and keep notes—all in one place.

If you’re a language or music teacher who works online—or a personal trainer, or a chess instructor, or any one of hundreds of other remote service providers—you’re probably using a combination of different platforms to organize and give sessions across Skype. You might use email to arrange a Skype call, calendar software to manage your Skype meeting schedule, and a third-party provider to coordinate and accept online payments. And you might be paying a pretty penny for some of these services.

Skype Professional Account gives you the power to do all that from one app for free during the preview. From French tutors to yoga instructors, you’ll be able to book lessons, accept payments, and give lessons all from one place, seamlessly. Plus, we’ve added an enhanced profile page to help improve your online presence and a dedicated website for your small business right in Skype. Your contacts will be able to see pertinent info like your hours and business offerings.

A laptop displays an instructor using Skype Professional Account. The image is accompanied by a screenshot.

All the features work together. For example, a payment request can be sent along with a booking. You’ll also be able to see all your notes without leaving the app. In addition, you’ll be able to easily port your contacts over to the Skype Professional Account Preview desktop client while your customers and clients continue to use their familiar Skype app to work with you.

As for your customers, in addition to searching for friends and groups they want on Skype, they’ll be able to find businesses as well. That means they can now look for the kind of professional they want to work with—maybe a financial planner in their time zone with over ten years of experience, or a career coach who’s worked in the healthcare industry.

Skype Professional Account will make it easier for thousands of service providers to connect with their customers and conduct their business—all in one place. We have limited spots available for the preview. Fill out a survey by visiting the Skype Professional Account homepage to have the opportunity to join. By the way, we’re busy working hard on several other exciting features we want to add to this app, so stay tuned for updates.

Check out what violin teacher Laurel Thomsen has to say about Skype Professional Account. Laurel was one of our early adopters who participated in the alpha program for Skype Professional Account.

We look forward to hearing your feedback in the Skype Community.

Join MINECON Earth Viewing Parties at Microsoft Store!

MINECON Earth, a livestreamed, interactive showcase of all things Minecraft, is on the horizon, and to celebrate, we’re inviting the Minecraft community to join us and watch this one-of-a-kind event at Microsoft Store viewing parties across the U.S., Puerto Rico and Canada. Also, for those of you in Atlanta, we’ll be hosting a pair of Build Battle competitions in early November, with winners taking home tickets to MINECON Earth itself!

MINECON Earth Viewing Parties – Coming to a Microsoft Store Near You

Viewing parties will take place across Microsoft Store locations on Saturday, November 18 at 9:00 a.m. PST. Visit our MINECON viewing party page to get more information and find the location closest to you. Attendees will be admitted 30 minutes prior to the broadcast start time, so come early to ensure you get a seat!

In addition to taking in the show itself, attendees can participate in costume contests, giveaways and competitive and collaborative gameplay with other members of the Minecraft community. Watching the MINECON Earth festivities with local Minecraft players is sure to be a blast, and we hope you’ll join us!

Microsoft Store locations will also host some Minecraft content creators, YouTubers and streamers you may be familiar with! They’ll be taking a break from creating videos and streams to experience the MINECON Earth stream as spectators, along with the rest of the Minecraft community. They’ll be hanging out with attendees at the following locations:

  • Flagship Microsoft Store in New York: Thinknoodles
  • Microsoft Store at Lenox Square Mall (Atlanta, GA): xNestorio, Tylarzz
  • Microsoft Store at SouthPark (Charlotte, NC): CavemanFilms, BlackieChan, Guude
  • Microsoft Store at Prudential Center (Boston, MA): Carnage The Creator, AntVenom
  • Microsoft Store at NorthPark Center (Dallas, TX): Jojopetv, AviatorGaming, RyguyRocky, MeganPlays, BurtDude, BAHMLounge
  • Microsoft Store at The Florida Mall (Orlando, FL): FireRockerz Studios
  • Microsoft Store at Oakbrook Center (Oak Brook, IL): Aureylian, MangoTango

Throw Down in Build Battle to Win Tickets to MINECON Earth

If you’re in the Atlanta area, you can join us in the leadup to MINECON for our Minecraft Build Battle competitions, where the winning team will walk away with tickets to the MINECON Earth show on November 18! Players will be tasked with projects revolving around a series of fun Minecraft themes, so imagination and quick thinking are a must. Like the MINECON Earth viewing parties, these events are great for meeting up with other local players (and putting your building skills to the test).

Players will have to successfully navigate three different Build Battle challenges, with the team that wins each challenge receiving points. At the end of the three challenges, each member of the team with the most total points will win two tickets to MINECON Earth apiece! Even if you aren’t competing, you still have a chance to win tickets, so come cheer on your favorite team and get entered to win a pair of tickets to the MINECON Earth show!

The Build Battles will take place on Friday, November 3 from 6:00 p.m. – 9:00 p.m. EST at the Microsoft Store at Lenox Square and Saturday, November 4 from 10:00 a.m. – 1:00 p.m. EST at the Microsoft Store at Perimeter Mall. Players can begin registering for the Build Battle outside each Microsoft Store location one hour prior to the start of the events.

We can’t wait to see the Minecraft community’s passion, talent and creativity at Build Battle and the MINECON Earth viewing parties. See you there!