Das Web Service Module ws_arbiter nimmt Passive-Checks für Shinken entgegen. Allerdings ohne SSL-Verschlüsselung. Für die SSL-Verschlüsselung der Passive-Checks wird das WS_Arbiter-Modul nun auf http://localhost:7760/ gelegt und nach Aussen über das Apache-Modul mod_proxy verfügbar gemacht.
Shinken-Konfiguration:
## Module: WS_Arbiter ## Loaded by: Arbiter, Receiver # WebService module for the Arbiter and Receiver so you can send (POST) passive # checks to it define module { module_name WS_Arbiter module_type ws_arbiter host localhost port 7760 username nagios ; If you want auth, set username and password. password ci2m0kPsgs4mM }
Apache-Konfiguration:
<VirtualHost 172.16.64.42:7760> ServerName mon-01.mg-it.net LogLevel info ErrorLog /var/log/apache2/passive-check-proxy.log CustomLog /var/log/apache2/passive-check-proxy.log combined <Proxy *> Order deny,allow Allow from all </Proxy> SSLEngine on SSLProxyEngine On SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!MD5:@STRENGTH SSLCertificateFile /etc/apache2/ssl.crt/ewois.crt SSLCertificateKeyFile /etc/apache2/ssl.key/private_mg-it-net.pem ProxyRequests Off ProxyPreserveHost On ProxyPass / http://localhost:7760/ </VirtualHost>
Aufruf per curl:
curl -k -u nagios:ci2m0kPsgs4mM -d \ "time_stamp=$(date +%s)&host_name=www-server-01&service_description=HTTP-Service&return_code=2&output=TEST" \ https://172.16.64.42:7760/push_check_result