Unix LDAP Server (via SSH)

Description

Monitors a UNIX LDAP Server. LDAP services are monitored remotely. Monitoring scripts are installed on the remote server and called from the GroundWork server using the SSH protocol. Please reference the SSH Monitoring document when using this profile. If you are communicating to a remote host that is behind a firewall, make sure the SSH port 22 is allowed to access the remote host.

Profile Package

This package includes the following files:

  • Profile definition: service-profile-ssh-ldap.xml

  • Plugin script (installed on the GroundWork server): check_ldap and check_by_ssh

  • Plugin script (installed on the remote monitored server): check_procs

Installation

GroundWork Monitor includes many monitoring profiles for a variety of devices, systems and applications. Some profiles are pre-imported on a new GroundWork installation and others are distributed with the product. The configuration tool is used to import updated profiles and profiles that require additional setup, services can also be imported, see Importing Profiles.

Services Configuration

For plugin details you can run the service help command from within the nagios container. For example: Get to the nagios container from the gw8 directory: docker-compose exec -u 1000 nagios bash, then to the libexec directory: cd /usr/local/nagios/libexec, and enter a service help command e.g., ./check_snmp --help to receive help content.

Service/Command Line/Plugin CommandCommand Parameters

This column lists the Service Definition name, Service Command name with arguments to be passed to the plugin, and the Plugin Command line which is the plugin script called by Nagios for the service.

Command parameters are in the configuration services section with the following names and default values.

  • s_slapd

  • check_by_ssh_process_slapd!1:10!1:15

  • $USER1$/check_by_ssh -H $HOSTADDRESS$ -t 60 -l "$USER17$" -C "$USER22$/check_procs -w $ARG1$ -c $ARG2$ -C slapd"

Check for the number of slapd processes running.

  • $ARG1$: A warning alert will be generated if the number of processes is outside this range, default is 1:10

  • $ARG2$: A critical alert will be generated if the number of processes is outside this range, default is 1:15

  • tcp_ldap

  • check_ldap!3!5! dc=groundworkopensource,dc=com

  • $USER1$/check_ldap -t 60 -H $HOSTADDRESS$ -w "$ARG1$" -c "$ARG2$" -b "$ARG3$" -3

Attempts to bind anonymously to the specified DN. The default LDAP version is 2. If you wish to change this to version 3, use the configuration tool to add "-3" to the check_ldap command. The check_ldap plugin help indicates v2 is default.

  • $ARG1$: Warning threshold response time in seconds, default is 3 seconds

  • $ARG2$: Critical threshold response time in seconds, default is 5 seconds

  • $ARG3$: LDAP base. (For example, ou=my unit, o=my org, c=at ; default is dc=groundworkopensource,dc=com)

Related Resources