183 lines
4.8 KiB
INI
183 lines
4.8 KiB
INI
####################################################
|
|
# Sample NSCA Daemon Config File
|
|
# Written by: Ethan Galstad (nagios@nagios.org)
|
|
#
|
|
# Last Modified: 06-10-2002
|
|
####################################################
|
|
|
|
|
|
|
|
# PORT NUMBER
|
|
# Port number we should wait for connections on.
|
|
# This must be a non-priveledged port (i.e. > 1024).
|
|
|
|
server_port=5667
|
|
|
|
|
|
|
|
# SERVER ADDRESS
|
|
# Address that nrpe has to bind to in case there are
|
|
# more as one interface and we do not want nrpe to bind
|
|
# (thus listen) on all interfaces.
|
|
|
|
#server_address=192.168.1.1
|
|
|
|
|
|
|
|
# ALLOWED HOST ADDRESSES
|
|
# This is a comma-delimited list of IP address of hosts that are allowed
|
|
# to talk to the NSCA daemon.
|
|
#
|
|
# Note: The daemon only does rudimentary checking of the client's IP
|
|
# address. I would highly recommend running as a service under
|
|
# inetd instead of as a standalone daemon and using TCP wrappers to
|
|
# limit access.
|
|
|
|
allowed_hosts=127.0.0.1
|
|
|
|
|
|
|
|
# NSCA USER
|
|
# This determines the effective user that the NSCA daemon should run as.
|
|
# You can either supply a username or a UID.
|
|
#
|
|
# NOTE: This option is ignored if NSCA is running under either inetd or xinetd
|
|
|
|
nsca_user=nagios
|
|
|
|
|
|
|
|
# NSCA GROUP
|
|
# This determines the effective group that the NSCA daemon should run as.
|
|
# You can either supply a group name or a GID.
|
|
#
|
|
# NOTE: This option is ignored if NSCA is running under either inetd or xinetd
|
|
|
|
nsca_group=nagios
|
|
|
|
|
|
|
|
# DEBUGGING OPTION
|
|
# This option determines whether or not debugging
|
|
# messages are logged to the syslog facility.
|
|
# Values: 0 = debugging off, 1 = debugging on
|
|
|
|
debug=0
|
|
|
|
|
|
|
|
# COMMAND FILE
|
|
# This is the location of the Nagios command file that the daemon
|
|
# should write all service check results that it receives.
|
|
|
|
command_file=/var/nagios/rw/nagios.cmd
|
|
|
|
|
|
# ALTERNATE DUMP FILE
|
|
# This is used to specify an alternate file the daemon should
|
|
# write service check results to in the event the command file
|
|
# does not exist. It is important to note that the command file
|
|
# is implemented as a named pipe and only exists when Nagios is
|
|
# running. You may want to modify the startup script for Nagios
|
|
# to dump the contents of this file into the command file after
|
|
# it starts Nagios. Or you may simply choose to ignore any
|
|
# check results received while Nagios was not running...
|
|
|
|
alternate_dump_file=/var/nagios/rw/nsca.dump
|
|
|
|
|
|
|
|
# AGGREGATED WRITES OPTION
|
|
# This option determines whether or not the nsca daemon will
|
|
# aggregate writes to the external command file for client
|
|
# connections that contain multiple check results. If you
|
|
# are queueing service check results on remote hosts and
|
|
# sending them to the nsca daemon in bulk, you will probably
|
|
# want to enable bulk writes, as this will be a bit more
|
|
# efficient.
|
|
# Values: 0 = do not aggregate writes, 1 = aggregate writes
|
|
|
|
aggregate_writes=0
|
|
|
|
|
|
|
|
# APPEND TO FILE OPTION
|
|
# This option determines whether or not the nsca daemon will
|
|
# will open the external command file for writing or appending.
|
|
# This option should almost *always* be set to 0!
|
|
# Values: 0 = open file for writing, 1 = open file for appending
|
|
|
|
append_to_file=0
|
|
|
|
|
|
|
|
# MAX PACKET AGE OPTION
|
|
# This option is used by the nsca daemon to determine when client
|
|
# data is too old to be valid. Keeping this value as small as
|
|
# possible is recommended, as it helps prevent the possibility of
|
|
# "replay" attacks. This value needs to be at least as long as
|
|
# the time it takes your clients to send their data to the server.
|
|
# Values are in seconds. The max packet age cannot exceed 15
|
|
# minutes (900 seconds).
|
|
|
|
max_packet_age=30
|
|
|
|
|
|
|
|
# DECRYPTION PASSWORD
|
|
# This is the password/passphrase that should be used to descrypt the
|
|
# incoming packets. Note that all clients must encrypt the packets
|
|
# they send using the same password!
|
|
# IMPORTANT: You don't want all the users on this system to be able
|
|
# to read the password you specify here, so make sure to set
|
|
# restrictive permissions on this config file!
|
|
|
|
#password=
|
|
|
|
|
|
|
|
# DECRYPTION METHOD
|
|
# This option determines the method by which the nsca daemon will
|
|
# decrypt the packets it receives from the clients. The decryption
|
|
# method you choose will be a balance between security and performance,
|
|
# as strong encryption methods consume more processor resources.
|
|
# You should evaluate your security needs when choosing a decryption
|
|
# method.
|
|
#
|
|
# Note: The decryption method you specify here must match the
|
|
# encryption method the nsca clients use (as specified in
|
|
# the send_nsca.cfg file)!!
|
|
# Values:
|
|
#
|
|
# 0 = None (Do NOT use this option)
|
|
# 1 = Simple XOR (No security, just obfuscation, but very fast)
|
|
#
|
|
# 2 = DES
|
|
# 3 = 3DES (Triple DES)
|
|
# 4 = CAST-128
|
|
# 5 = CAST-256
|
|
# 6 = xTEA
|
|
# 7 = 3WAY
|
|
# 8 = BLOWFISH
|
|
# 9 = TWOFISH
|
|
# 10 = LOKI97
|
|
# 11 = RC2
|
|
# 12 = ARCFOUR
|
|
#
|
|
# 14 = RIJNDAEL-128
|
|
# 15 = RIJNDAEL-192
|
|
# 16 = RIJNDAEL-256
|
|
#
|
|
# 19 = WAKE
|
|
# 20 = SERPENT
|
|
#
|
|
# 22 = ENIGMA (Unix crypt)
|
|
# 23 = GOST
|
|
# 24 = SAFER64
|
|
# 25 = SAFER128
|
|
# 26 = SAFER+
|
|
#
|
|
|
|
decryption_method=1
|
|
|