Skip to content

Latest commit

 

History

History
1698 lines (1017 loc) · 62.2 KB

NSCAClient.md

File metadata and controls

1698 lines (1017 loc) · 62.2 KB

NSCAClient

NSCA client can be used both from command line and from queries to submit passive checks via NSCA

List of commands

A list of all available queries (check commands)

Command Description
submit_nsca Submit information to the remote NSCA server.

List of Configuration

Common Keys

Path / Section Key Description
/settings/NSCA/client channel CHANNEL
/settings/NSCA/client hostname HOSTNAME
/settings/NSCA/client/targets/default address TARGET ADDRESS
/settings/NSCA/client/targets/default [allowed ciphers](#/settings/NSCA/client/targets/default_allowed ciphers) ALLOWED CIPHERS
/settings/NSCA/client/targets/default certificate SSL CERTIFICATE
/settings/NSCA/client/targets/default encryption ENCRYPTION
/settings/NSCA/client/targets/default password PASSWORD
/settings/NSCA/client/targets/default retries RETRIES
/settings/NSCA/client/targets/default timeout TIMEOUT
/settings/NSCA/client/targets/default [use ssl](#/settings/NSCA/client/targets/default_use ssl) ENABLE SSL ENCRYPTION
/settings/NSCA/client/targets/default [verify mode](#/settings/NSCA/client/targets/default_verify mode) VERIFY MODE

Advanced keys

Path / Section Key Description
/settings/NSCA/client encoding NSCA DATA ENCODING
/settings/NSCA/client/targets/default ca CA
/settings/NSCA/client/targets/default [certificate format](#/settings/NSCA/client/targets/default_certificate format) CERTIFICATE FORMAT
/settings/NSCA/client/targets/default [certificate key](#/settings/NSCA/client/targets/default_certificate key) SSL CERTIFICATE
/settings/NSCA/client/targets/default dh DH KEY
/settings/NSCA/client/targets/default encoding ENCODING
/settings/NSCA/client/targets/default host TARGET HOST
/settings/NSCA/client/targets/default [payload length](#/settings/NSCA/client/targets/default_payload length) PAYLOAD LENGTH
/settings/NSCA/client/targets/default port TARGET PORT
/settings/NSCA/client/targets/default [time offset](#/settings/NSCA/client/targets/default_time offset) TIME OFFSET

Sample keys

Path / Section Key Description
/settings/NSCA/client/targets/sample address TARGET ADDRESS
/settings/NSCA/client/targets/sample [allowed ciphers](#/settings/NSCA/client/targets/sample_allowed ciphers) ALLOWED CIPHERS
/settings/NSCA/client/targets/sample ca CA
/settings/NSCA/client/targets/sample certificate SSL CERTIFICATE
/settings/NSCA/client/targets/sample [certificate format](#/settings/NSCA/client/targets/sample_certificate format) CERTIFICATE FORMAT
/settings/NSCA/client/targets/sample [certificate key](#/settings/NSCA/client/targets/sample_certificate key) SSL CERTIFICATE
/settings/NSCA/client/targets/sample dh DH KEY
/settings/NSCA/client/targets/sample encoding ENCODING
/settings/NSCA/client/targets/sample encryption ENCRYPTION
/settings/NSCA/client/targets/sample host TARGET HOST
/settings/NSCA/client/targets/sample password PASSWORD
/settings/NSCA/client/targets/sample [payload length](#/settings/NSCA/client/targets/sample_payload length) PAYLOAD LENGTH
/settings/NSCA/client/targets/sample port TARGET PORT
/settings/NSCA/client/targets/sample retries RETRIES
/settings/NSCA/client/targets/sample [time offset](#/settings/NSCA/client/targets/sample_time offset) TIME OFFSET
/settings/NSCA/client/targets/sample timeout TIMEOUT
/settings/NSCA/client/targets/sample [use ssl](#/settings/NSCA/client/targets/sample_use ssl) ENABLE SSL ENCRYPTION
/settings/NSCA/client/targets/sample [verify mode](#/settings/NSCA/client/targets/sample_verify mode) VERIFY MODE

Queries

A quick reference for all available queries (check commands) in the NSCAClient module.

submit_nsca

Submit information to the remote NSCA server.

Usage

Option Default Value Description
help N/A Show help screen (this screen)
help-pb N/A Show help screen as a protocol buffer payload
show-default N/A Show default values for a given command
help-short N/A Show help screen (short format).
host The host of the host running the server
port The port of the host running the server
address The address (host:port) of the host running the server
timeout Number of seconds before connection times out (default=10)
target Target to use (lookup connection info from config)
retry Number of times ti retry a failed connection attempt (default=2)
retries legacy version of retry
source-host Source/sender host name (default is auto which means use the name of the actual host)
sender-host Source/sender host name (default is auto which means use the name of the actual host)
command The name of the command that the remote daemon should run
alias Same as command
message Message
result Result code either a number or OK, WARN, CRIT, UNKNOWN
separator Separator to use for the batch command (default is
batch Add multiple records using the separator format is: command
certificate Length of payload (has to be same as on the server)
dh Length of payload (has to be same as on the server)
certificate-key Client certificate to use
certificate-format Client certificate format
ca Certificate authority
verify Client certificate format
allowed-ciphers Client certificate format
ssl 1 Initial an ssl handshake with the server.
encryption Name of encryption algorithm to use.
payload-length Length of payload (has to be same as on the server)
buffer-length Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
password Password
time-offset
### help

Description: Show help screen (this screen)

### help-pb

Description: Show help screen as a protocol buffer payload

### show-default

Description: Show default values for a given command

### help-short

Description: Show help screen (short format).

### host

Description: The host of the host running the server

### port

Description: The port of the host running the server

### address

Description: The address (host:port) of the host running the server

### timeout

Description: Number of seconds before connection times out (default=10)

### target

Description: Target to use (lookup connection info from config)

### retry

Description: Number of times ti retry a failed connection attempt (default=2)

### retries

Description: legacy version of retry

### source-host

Description: Source/sender host name (default is auto which means use the name of the actual host)

### sender-host

Description: Source/sender host name (default is auto which means use the name of the actual host)

### command

Description: The name of the command that the remote daemon should run

### alias

Description: Same as command

### message

Description: Message

### result

Description: Result code either a number or OK, WARN, CRIT, UNKNOWN

### separator

Description: Separator to use for the batch command (default is |)

### batch

Description: Add multiple records using the separator format is: command|result|message

### certificate

Description: Length of payload (has to be same as on the server)

### dh

Description: Length of payload (has to be same as on the server)

### certificate-key

Description: Client certificate to use

### certificate-format

Description: Client certificate format

### ca

Description: Certificate authority

### verify

Description: Client certificate format

### allowed-ciphers

Description: Client certificate format

### ssl

Deafult Value: 1

Description: Initial an ssl handshake with the server.

### encryption

Description: Name of encryption algorithm to use. Has to be the same as your server i using or it wont work at all.This is also independent of SSL and generally used instead of SSL. Available encryption algorithms are: none = No Encryption (not safe) xor = XOR des = DES 3des = DES-EDE3 cast128 = CAST-128 xtea = XTEA blowfish = Blowfish twofish = Twofish rc2 = RC2 aes128 = AES aes192 = AES aes = AES serpent = Serpent gost = GOST

### payload-length

Description: Length of payload (has to be same as on the server)

### buffer-length

Description: Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.

### password

Description: Password

### time-offset

Description:

## NSCA CLIENT SECTION

Section for NSCA passive check module.

# Section for NSCA passive check module.
[/settings/NSCA/client]
channel=NSCA
hostname=auto
Key Default Value Description
channel NSCA CHANNEL
encoding NSCA DATA ENCODING
hostname auto HOSTNAME
### channel

CHANNEL

The channel to listen to.

Key Description
Path: /settings/NSCA/client
Key: channel
Default value: NSCA
Used by: NSCAClient
[/settings/NSCA/client]
# CHANNEL
channel=NSCA
### encoding

NSCA DATA ENCODING

Key Description
Path: /settings/NSCA/client
Key: encoding
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client]
# NSCA DATA ENCODING
encoding=
### hostname

HOSTNAME

The host name of the monitored computer. Set this to auto (default) to use the windows name of the computer.

auto Hostname ${host} Hostname ${host_lc} Hostname in lowercase ${host_uc} Hostname in uppercase ${domain} Domainname ${domain_lc} Domainname in lowercase ${domain_uc} Domainname in uppercase

Key Description
Path: /settings/NSCA/client
Key: hostname
Default value: auto
Used by: NSCAClient
[/settings/NSCA/client]
# HOSTNAME
hostname=auto
## CLIENT HANDLER SECTION
# 
[/settings/NSCA/client/handlers]
## REMOTE TARGET DEFINITIONS
# 
[/settings/NSCA/client/targets]
## TARGET

Target definition for: default

# Target definition for: default
[/settings/NSCA/client/targets/default]
encryption=aes
payload length=512
retries=3
time offset=0
timeout=30
Key Default Value Description
address TARGET ADDRESS
[allowed ciphers](#/settings/NSCA/client/targets/default_allowed ciphers) ALLOWED CIPHERS
ca CA
certificate SSL CERTIFICATE
[certificate format](#/settings/NSCA/client/targets/default_certificate format) CERTIFICATE FORMAT
[certificate key](#/settings/NSCA/client/targets/default_certificate key) SSL CERTIFICATE
dh DH KEY
encoding ENCODING
encryption aes ENCRYPTION
host TARGET HOST
password PASSWORD
[payload length](#/settings/NSCA/client/targets/default_payload length) 512 PAYLOAD LENGTH
port TARGET PORT
retries 3 RETRIES
[time offset](#/settings/NSCA/client/targets/default_time offset) 0 TIME OFFSET
timeout 30 TIMEOUT
[use ssl](#/settings/NSCA/client/targets/default_use ssl) ENABLE SSL ENCRYPTION
[verify mode](#/settings/NSCA/client/targets/default_verify mode) VERIFY MODE
### address

TARGET ADDRESS

Target host address

Key Description
Path: /settings/NSCA/client/targets/default
Key: address
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# TARGET ADDRESS
address=
### allowed ciphers

ALLOWED CIPHERS

A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Key Description
Path: /settings/NSCA/client/targets/default
Key: allowed ciphers
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# ALLOWED CIPHERS
allowed ciphers=
### ca

CA

Key Description
Path: /settings/NSCA/client/targets/default
Key: ca
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# CA
ca=
### certificate

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/default
Key: certificate
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# SSL CERTIFICATE
certificate=
### certificate format

CERTIFICATE FORMAT

Key Description
Path: /settings/NSCA/client/targets/default
Key: certificate format
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# CERTIFICATE FORMAT
certificate format=
### certificate key

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/default
Key: certificate key
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# SSL CERTIFICATE
certificate key=
### dh

DH KEY

Key Description
Path: /settings/NSCA/client/targets/default
Key: dh
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# DH KEY
dh=
### encoding

ENCODING

Key Description
Path: /settings/NSCA/client/targets/default
Key: encoding
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# ENCODING
encoding=
### encryption

ENCRYPTION

Name of encryption algorithm to use. Has to be the same as your server i using or it wont work at all.This is also independent of SSL and generally used instead of SSL. Available encryption algorithms are: none = No Encryption (not safe) xor = XOR des = DES 3des = DES-EDE3 cast128 = CAST-128 xtea = XTEA blowfish = Blowfish twofish = Twofish rc2 = RC2 aes128 = AES aes192 = AES aes = AES serpent = Serpent gost = GOST

Key Description
Path: /settings/NSCA/client/targets/default
Key: encryption
Default value: aes
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# ENCRYPTION
encryption=aes
### host

TARGET HOST

The target server to report results to.

Key Description
Path: /settings/NSCA/client/targets/default
Key: host
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# TARGET HOST
host=
### password

PASSWORD

The password to use. Again has to be the same as the server or it wont work at all.

Key Description
Path: /settings/NSCA/client/targets/default
Key: password
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# PASSWORD
password=
### payload length

PAYLOAD LENGTH

Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.

Key Description
Path: /settings/NSCA/client/targets/default
Key: payload length
Advanced: Yes (means it is not commonly used)
Default value: 512
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# PAYLOAD LENGTH
payload length=512
### port

TARGET PORT

The target server port

Key Description
Path: /settings/NSCA/client/targets/default
Key: port
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# TARGET PORT
port=
### retries

RETRIES

Number of times to retry sending.

Key Description
Path: /settings/NSCA/client/targets/default
Key: retries
Default value: 3
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# RETRIES
retries=3
### time offset

TIME OFFSET

Time offset.

Key Description
Path: /settings/NSCA/client/targets/default
Key: time offset
Advanced: Yes (means it is not commonly used)
Default value: 0
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# TIME OFFSET
time offset=0
### timeout

TIMEOUT

Timeout when reading/writing packets to/from sockets.

Key Description
Path: /settings/NSCA/client/targets/default
Key: timeout
Default value: 30
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# TIMEOUT
timeout=30
### use ssl

ENABLE SSL ENCRYPTION

This option controls if SSL should be enabled.

Key Description
Path: /settings/NSCA/client/targets/default
Key: use ssl
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# ENABLE SSL ENCRYPTION
use ssl=
### verify mode

VERIFY MODE

Key Description
Path: /settings/NSCA/client/targets/default
Key: verify mode
Default value: N/A
Used by: NSCAClient
[/settings/NSCA/client/targets/default]
# VERIFY MODE
verify mode=
## TARGET

Target definition for: sample

# Target definition for: sample
[/settings/NSCA/client/targets/sample]
encryption=aes
payload length=512
retries=3
time offset=0
timeout=30
Key Default Value Description
address TARGET ADDRESS
[allowed ciphers](#/settings/NSCA/client/targets/sample_allowed ciphers) ALLOWED CIPHERS
ca CA
certificate SSL CERTIFICATE
[certificate format](#/settings/NSCA/client/targets/sample_certificate format) CERTIFICATE FORMAT
[certificate key](#/settings/NSCA/client/targets/sample_certificate key) SSL CERTIFICATE
dh DH KEY
encoding ENCODING
encryption aes ENCRYPTION
host TARGET HOST
password PASSWORD
[payload length](#/settings/NSCA/client/targets/sample_payload length) 512 PAYLOAD LENGTH
port TARGET PORT
retries 3 RETRIES
[time offset](#/settings/NSCA/client/targets/sample_time offset) 0 TIME OFFSET
timeout 30 TIMEOUT
[use ssl](#/settings/NSCA/client/targets/sample_use ssl) ENABLE SSL ENCRYPTION
[verify mode](#/settings/NSCA/client/targets/sample_verify mode) VERIFY MODE
### address

TARGET ADDRESS

Target host address

Key Description
Path: /settings/NSCA/client/targets/sample
Key: address
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# TARGET ADDRESS
address=
### allowed ciphers

ALLOWED CIPHERS

A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Key Description
Path: /settings/NSCA/client/targets/sample
Key: allowed ciphers
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# ALLOWED CIPHERS
allowed ciphers=
### ca

CA

Key Description
Path: /settings/NSCA/client/targets/sample
Key: ca
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# CA
ca=
### certificate

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/sample
Key: certificate
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# SSL CERTIFICATE
certificate=
### certificate format

CERTIFICATE FORMAT

Key Description
Path: /settings/NSCA/client/targets/sample
Key: certificate format
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# CERTIFICATE FORMAT
certificate format=
### certificate key

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/sample
Key: certificate key
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# SSL CERTIFICATE
certificate key=
### dh

DH KEY

Key Description
Path: /settings/NSCA/client/targets/sample
Key: dh
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# DH KEY
dh=
### encoding

ENCODING

Key Description
Path: /settings/NSCA/client/targets/sample
Key: encoding
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# ENCODING
encoding=
### encryption

ENCRYPTION

Name of encryption algorithm to use. Has to be the same as your server i using or it wont work at all.This is also independent of SSL and generally used instead of SSL. Available encryption algorithms are: none = No Encryption (not safe) xor = XOR des = DES 3des = DES-EDE3 cast128 = CAST-128 xtea = XTEA blowfish = Blowfish twofish = Twofish rc2 = RC2 aes128 = AES aes192 = AES aes = AES serpent = Serpent gost = GOST

Key Description
Path: /settings/NSCA/client/targets/sample
Key: encryption
Default value: aes
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# ENCRYPTION
encryption=aes
### host

TARGET HOST

The target server to report results to.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: host
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# TARGET HOST
host=
### password

PASSWORD

The password to use. Again has to be the same as the server or it wont work at all.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: password
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# PASSWORD
password=
### payload length

PAYLOAD LENGTH

Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: payload length
Advanced: Yes (means it is not commonly used)
Default value: 512
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# PAYLOAD LENGTH
payload length=512
### port

TARGET PORT

The target server port

Key Description
Path: /settings/NSCA/client/targets/sample
Key: port
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# TARGET PORT
port=
### retries

RETRIES

Number of times to retry sending.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: retries
Default value: 3
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# RETRIES
retries=3
### time offset

TIME OFFSET

Time offset.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: time offset
Advanced: Yes (means it is not commonly used)
Default value: 0
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# TIME OFFSET
time offset=0
### timeout

TIMEOUT

Timeout when reading/writing packets to/from sockets.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: timeout
Default value: 30
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# TIMEOUT
timeout=30
### use ssl

ENABLE SSL ENCRYPTION

This option controls if SSL should be enabled.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: use ssl
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# ENABLE SSL ENCRYPTION
use ssl=
### verify mode

VERIFY MODE

Key Description
Path: /settings/NSCA/client/targets/sample
Key: verify mode
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient
[/settings/NSCA/client/targets/sample]
# VERIFY MODE
verify mode=