Nagios monitoring
Christian Cawley scans his network for intruders and unsafe hardware using little more than a Raspberry Pi and Nagios.
Christian Cawley scans his network for intruders and unsafe hardware.
Network security is vital to the integrity of your data and hardware. Using a router with a firewall and computer security tools is wise, but to get a better idea of what’s happening on your network, you’ll need a monitoring tool.
It might seem like the stuff of low-budget cyber thrillers, but a network monitoring tool can be effortlessly set up and put to work pinging the hardware on your network and scanning for intruders. This essentially means that you can learn right away when your devices on your network go offline (perhaps IOT or smart-home applications), and discover unauthorised connections to your router or other networked hardware. All you need is a Raspberry Pi and the
Nagios software.
Two versions of Nagios are available. There’s the
Nagios XI series of premium products, which might be more suited to corporate use. These feature a trial period and technical support. Nagios also comes as an open source suite, with four options: Nagios Core, Nagios Core Plugins, Nagios Core Frontends
(community-generated UIS) and Nagios Core Addons to extend functionality. Once installed on a single device, Nagios brings continuous monitoring to your network, regardless of its size and dynamic.
Continuous monitoring is a staggeringly useful concept that all too few businesses take the time to implement. It basically enables the detection of network and server issues almost as they happen. This prompt detection enables fast diagnosis, thus minimising downtime.
With the open source version of Nagios, it’s possible for anyone to apply this level of monitoring to a network. It doesn’t matter whether you’re running a home network, a social club, or you’re the system admin for a healthcare provider. Install Nagios on a Raspberry Pi, configure monitoring and notifications, and network management is immediately levelled up.
Start being a nagios
As noted, various versions of Nagios are available; this is true for the Pi versions too, where different builds have been released over the years. For simplicity, we’re going to look at two options: installing a dedicated disk image, and installing manually to your existing OS.
NEMS for the Raspberry Pi stands for Nagios Enterprise Monitoring Server, and is available from
http://bit.ly/lxf253nems 1. It requires an SD card of at least 16GB, with 32GB recommended. A Raspberry Pi 3B+ is recommended, although almost any version apart from the Raspberry Pi 1 Model A and Raspberry Pi Compute Modules should work. Note that the NEMS build can only be downloaded using a Bittorrent client. Other Nagios disk images are available, however.
Once downloaded, use your preferred disk imaging tool to write the IMG file to the SD card. For simplicity, the open source cross-platform Etcher tool from Balena
(www.balena.io/etcher) is the best option if you’re using a desktop environment.
All you need to do is download and install the tool, insert the SD card in your computer, select the disk image, confirm the correct drive is selected, and click Flash. Note that this will reformat and overwrite the SD card. A few moments later, NEMS will ready to run on your Raspberry Pi.
Next, connect your Raspberry Pi to your router via Ethernet. While NEMS can use Wi-fi, Ethernet is a more reliable medium for network monitoring. Insert the SD card, then boot up the Pi and wait while NEMS configures. This will involve the filesystem automatically resizing, so the initial boot will be longer than usual.
Using SSH, connect to NEMS using nemsadmin as the username and password. Then run sudo nems-init
This will start the NEMS setup. Here, you’ll need to set the correct locale, encoding options, and create an
https://nemslinux.com/download/nagios-for-raspberry-pi-4.php
account. This includes adding an email address to which notifications will be sent. In your desktop browser, open https://nems.local (or use the Pi’s IP address) to start configuration.
Nagios it yourself
Alternatively, you can install Nagios manually to your Raspberry Pi’s existing operating system, Raspbian or otherwise. For the best results, start with a fresh OS install, then open a terminal or start an SSH session. First update and upgrade:
sudo apt update && sudo apt upgrade
Be sure to follow this with a reboot.
sudo reboot
With the Pi restarted, install Nagios:
sudo apt install nagios3
Wait for prompts to create an admin account, keeping note of the password as you’ll need this later. The installation will continue for a short while after this. When done, you’ll be able to access Nagios from another device using the Pi’s IP address, such as http://192.168.1.10/nagios3. Use the nagiosadmin
username and the password you created earlier when you’re prompted.
Get monitoring
With Nagios installed on your Raspberry Pi, you have a continuous monitoring system ready to run. All that’s left to do is to configure it for your purposes. If you’ve set up manually, you can configure a host via the terminal. Start by creating a configuration file; ours is called monitor.cfg.
sudo nano /etc/nagios3/conf.d/monitor.cfg
In this file, add the details that relate to the device you wish to monitor. For example, I have a Raspberry Pi hosting a Minecraft server:
define host { use generic-host host_name minecraft alias minecraft address 192.168.1.22 }
The generic-host used is a template found at
/etc/nagios3/conf.d/generic-host_nagios2.cfg.
Templates can be used to save time when creating device-monitoring settings. To save time, all you should need to do is create multiple entries based on this definition, changing the host_name , alias and address
to the device you’re monitoring.
Hit Ctrl+x to save and exit, then reload Nagios:
sudo service nagios3 reload
If you run into any problems, check for errors with:
sudo /usr/sbin/nagios3 -v /etc/nagios3/nagios.cfg
This will ensure your config files are correct. Remember to reload Nagios again after checking.
Monitoring can be observed via the browser; indeed, you might consider leaving this open. Or you could simply run it on your Pi’s desktop, ready for remote observation via VNC.
Nagios configuration can also be conducted using your web browser. In the browser, open the Configuration menu and find NEMS Configurator. Find Hosts in the left-hand menu and click Add. Next, add the host details with the same credentials as you would manually. Add any necessary notifications, then Submit to save.
Use the Reporting menu to keep an eye on performance. Two key views are available. Adagios is a modernised user interface, while Nagios Core relies on a legacy view that dates back a few years. Both are entirely usable, however.
The full power of Nagios is considerable, so take the time to explore the features, add your networked devices, check logs, switch visualisations and more. If you’re using NEMS, you can easily configure a host via the browser interface in the same way.
That’s all there is to it – your Raspberry Pi Nagios box is now set up for monitoring. It can be left running in the background indefinitely, ready to alert you to any problems with hardware connectivity and suspicious activity on your network.