Created a custom script /usr/lib/nagios/plugins/check_clamd_virus.sh in the master node and want to execute this to an Icinga node. But the script still runs on the server itself. Want to monitor clamd in Icinga node
getting below error if I use command_endpoint = host.vars.client_endpoint in the services.conf
root@Icinga2-server:~# icinga2 daemon -C --dump-objects
[2024-05-30 08:53:02 +0000] information/cli: Icinga application loader (version: r2.14.2-1)
[2024-05-30 08:53:02 +0000] information/cli: Loading configuration file(s).
[2024-05-30 08:53:02 +0000] information/ConfigItem: Committing config item(s).
[2024-05-30 08:53:02 +0000] information/ApiListener: My API identity: Icinga2-server
[2024-05-30 08:53:02 +0000] critical/config: Error: Validation failed for object 'icinga-node!clamd_virus' of type 'Service'; Attribute 'command_endpoint': Checkable with command endpoint requires a zone. Please check the troubleshooting documentation.
Location: in /etc/icinga2/conf.d/services.conf: 124:1-124:27
/etc/icinga2/conf.d/services.conf(122):
/etc/icinga2/conf.d/services.conf(123):
/etc/icinga2/conf.d/services.conf(124): apply Service "clamd_virus" {
^^^^^^^^^^^^^^^^^^^^^^^^^^^
/etc/icinga2/conf.d/services.conf(125): import "clamd_virus_template"
/etc/icinga2/conf.d/services.conf(126):
[2024-05-30 08:53:02 +0000] critical/config: 1 error
[2024-05-30 08:53:02 +0000] critical/cli: Config validation failed. Re-run with 'icinga2 daemon -C' after fixing the config.
root@Icinga2-server:~#
root@Icinga2-server:~# cat /usr/lib/nagios/plugins/check_clamd_virus.sh
#!/bin/bash
## Check if clamd is running
if ! systemctl is-active clamav-daemon; then
curl ifconfig.me
echo "CRITICAL - clamd is not running"
exit 2
fi
CLAMD_LOG="/var/log/clamav/clamd.log"
CLAMSCAN_LOG="/var/log/clamav/clamscan.log"
DETECTIONS_CLAMD=$(grep "FOUND" "$CLAMD_LOG" | tail -n 10)
DETECTIONS_CLAMSCAN=$(grep "FOUND" "$CLAMSCAN_LOG" | tail -n 10)
if [ -z "$DETECTIONS_CLAMD" ] && [ -z "$DETECTIONS_CLAMSCAN" ]; then
echo "OK - clamd is running, no viruses detected"
exit 0
else
echo "WARNING - clamd is running, recent detections found:"
echo "$DETECTIONS_CLAMD"
echo "$DETECTIONS_CLAMSCAN"
exit 1
fi
commands.conf
root@Icinga2-server:~# tail /etc/icinga2/conf.d/commands.conf
}
}
*/
object CheckCommand "check_clamd_virus" {
import "plugin-check-command"
command = [ PluginDir + "/check_clamd_virus.sh" ]
}
root@Icinga2-server:~#
services.conf
root@Icinga2-server:~# tail -20 /etc/icinga2/conf.d/services.conf
check_command = "users"
assign where host.name == NodeName
}
template Service "clamd_virus_template" {
check_command = "check_clamd_virus"
check_interval = 1m
retry_interval = 30s
enable_notifications = true
}
apply Service "clamd_virus" {
import "clamd_virus_template"
assign where host.vars.os == "Linux" && host.vars.clam == "Yes"
#command_endpoint = host.vars.client_endpoint
}
root@Icinga2-server:~#
hosts.conf
root@Icinga2-server:~# tail -34 /etc/icinga2/conf.d/hosts.conf
}
object Host "icinga-node" {
import "generic-host"
address = "x.x.x.x"
vars.os = "Linux"
vars.clam = "Yes"
vars.client_endpoint = "icinga-node"
vars.disks["disk /"] = {
disk_partitions = "/"
}
vars.disks["disk /var"] = {
disk_partitions = "/var"
}
vars.http_vhosts["Web Server"] = {
http_uri = "/"
}
vars.ssl_vhosts["Web Server"] = {
ssl_cert_path = "/path/to/cert.pem"
}
}
root@Icinga2-server:~#
zones.conf
root@Icinga2-server:~# cat /etc/icinga2/zones.conf
/*
* Generated by Icinga 2 node setup commands
* on 2024-05-22 13:03:03 +0000
*/
object Endpoint "Icinga2-server" {
}
object Endpoint "icinga-node" {
host = "x.x.x.x"
port = "5665" // Default Icinga 2 port, adjust if necessary
}
object Zone "master" {
endpoints = [ "Icinga2-server" ]
}
object Zone "icinga-node" {
parent = "master"
endpoints = [ "icinga-node" ]
}
object Zone "global-templates" {
global = true
}
object Zone "director-global" {
global = true
}
root@Icinga2-server:~#
versions
root@Icinga2-server:~# icinga2 --version
icinga2 - The Icinga 2 network monitoring daemon (version: r2.14.2-1)
server is Debian 12
