Home » Blog » How to Install Nagios Plugins and NRPE Agents on CentOS 7/RHEL 7/Fedora 29

Information

How to Install Nagios Plugins and NRPE Agents on CentOS 7/RHEL 7/Fedora 29

Benhcmark Administrator

13/07/2025

0 Views 0

SaveSavedRemoved 0

Effective server monitoring is crucial for maintaining the health, performance, and security of your infrastructure. While Nagios is a widely-used monitoring solution, it often relies on agents installed on remote systems to gather detailed information beyond basic connectivity checks. For Linux servers running CentOS 7, RHEL 7, or even Fedora systems, the Nagios Remote Plugin Executor (NRPE) agent and Nagios plugins are essential components.

This guide walks through the steps required to install these necessary pieces on your target Linux machines, enabling your central Nagios server to perform comprehensive checks.

Why NRPE and Nagios Plugins?

The Nagios server typically checks remote hosts passively or through standard protocols like SNMP or SSH. However, to get detailed metrics like CPU load, disk space usage, memory consumption, running processes, and custom application data, Nagios needs a way to execute scripts on the monitored host itself.

• Nagios Plugins: These are the actual scripts or executables that perform specific checks (e.g., check_cpu, check_disk, check_mem). They run locally on the target server.
• NRPE Agent: This daemon runs on the remote server. It listens for requests from the Nagios server, executes the specified Nagios plugin locally, and returns the result (status and performance data) back to the Nagios server.

Together, NRPE and the plugins allow for flexible and detailed monitoring of your Linux infrastructure.

Getting Started: Prerequisites

Before you can install the plugins and the NRPE agent from source (often the most flexible method), your system needs the necessary build tools and libraries.

• Install Development Tools: You’ll need compilers and other build utilities.
  bash
sudo yum groupinstall "Development Tools"

• Install Required Libraries: NRPE and many plugins depend on libraries like OpenSSL.
  bash
sudo yum install openssl openssl-devel perl-Net-SNMP

  (Additional libraries might be needed depending on which specific plugins you plan to use).

Installing Nagios Plugins

The plugins package contains a large collection of standard checks. It’s generally recommended to install these first.

1. Download the Plugins: Obtain the latest stable source code tarball from the official Nagios plugins website (or a trusted mirror).
   bash
wget https://www.nagios-plugins.org/download/nagios-plugins-x.x.tar.gz # Replace x.x with version

2. Extract the Source:
   bash
tar -xzf nagios-plugins-x.x.tar.gz
cd nagios-plugins-x.x

3. Configure: This step prepares the source for compilation based on your system. You’ll likely specify the user and group Nagios/NRPE will run as, and the installation directory. It’s standard practice to create a dedicated nagios user and group for this purpose.
   bash
sudo useradd nagios
sudo groupadd nagios
sudo usermod -a -G nagios nagios

   Now configure the plugins:
   bash
./configure --with-nagios-user=nagios --with-nagios-group=nagios

   You might add --prefix=/usr/local/nagios or similar to specify the install location, though the default /usr/local/nagios/libexec for plugins is common.
4. Compile and Install:
   bash
make
sudo make install

   This will compile the plugins and copy them to the specified directory (e.g., /usr/local/nagios/libexec).

Installing the NRPE Agent

Now that the plugins are in place, install the agent that will run them.

1. Download NRPE: Get the source code tarball for NRPE.
   bash
wget https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-x.x.x/nrpe-x.x.x.tar.gz # Replace x.x.x with version

2. Extract and Navigate:
   bash
tar -xzf nrpe-x.x.x.tar.gz
cd nrpe-x.x.x

3. Configure: Similar to plugins, configure NRPE, specifying the Nagios user/group and the path to the plugins.
   bash
./configure --enable-nrpe --with-ssl --with-ssl-lib=/usr/lib/x86_64-linux-gnu/ --with-nagios-user=nagios --with-nagios-group=nagios --with-nrpe-port=5666 --with-plugins=/usr/local/nagios/libexec/

   Adjust --with-ssl-lib if necessary based on your OS version, and --with-plugins to match your plugin installation path. --enable-nrpe is crucial. --with-ssl is highly recommended for secure communication.
4. Compile and Install:
   bash
make all
sudo make install-daemon
sudo make install-config
sudo make install-init # Creates systemd service file


Configuring and Starting the NRPE Service

After installation, you need to configure the NRPE daemon and ensure it runs correctly as a service.

1. Edit NRPE Configuration: The main configuration file is typically located at /usr/local/nagios/etc/nrpe.cfg. Edit this file to define which hosts are allowed to connect and which commands can be executed.
   bash
sudo nano /usr/local/nagios/etc/nrpe.cfg

   • Find the allowed_hosts directive. Add the IP address of your Nagios monitoring server. You can list multiple IPs separated by commas.
     
allowed_hosts=127.0.0.1,your_nagios_server_ip

   • Review or define command aliases (command[alias]=/path/to/plugin/check_script -arguments). For example:
     
command[check_users]=/usr/local/nagios/libexec/check_users -w 5 -c 10
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c 30,25,20
# Ensure the paths to plugins are correct

2. Set Ownership and Permissions: Ensure the nagios user owns the configuration file.
   bash
sudo chown nagios:nagios /usr/local/nagios/etc/nrpe.cfg
sudo chmod 600 /usr/local/nagios/etc/nrpe.cfg

3. Start and Enable the Service: Use systemd to manage the NRPE daemon.
   bash
sudo systemctl start nrpe
sudo systemctl enable nrpe # Ensure it starts on boot

4. Check Status:
   bash
sudo systemctl status nrpe

   Verify that the service is active and running without errors.

Firewall and SELinux Considerations

Network security is vital, but it can prevent Nagios from connecting to NRPE.

• Firewall: You must open the NRPE port (default is 5666) on the monitored server to allow connections from your Nagios server.
  bash
sudo firewall-cmd --permanent --add-port=5666/tcp
sudo firewall-cmd --reload

• SELinux: Security-Enhanced Linux can sometimes block NRPE from executing plugins or writing to files. If you encounter “Permission denied” errors even after fixing file permissions, SELinux might be the culprit. Check the audit logs (sudo ausearch -m avc -ts recent) for SELinux denials. Temporarily setting SELinux to permissive mode (sudo setenforce 0) can help diagnose if it’s the issue, but a permanent solution involves creating a specific SELinux policy module using audit2allow.

Testing the Installation

From your Nagios monitoring server, use the check_nrpe plugin (which should be installed there) to test connectivity and execute a basic command on the newly configured server.

/usr/local/nagios/libexec/check_nrpe -H your_monitored_server_ip

If successful, this should return the NRPE version number. Then, test a configured command:

/usr/local/nagios/libexec/check_nrpe -H your_monitored_server_ip -c check_load

This should execute the check_load command defined in nrpe.cfg on the remote server and return its output.

Conclusion

Installing Nagios plugins and the NRPE agent from source provides maximum compatibility and control over your monitoring environment on CentOS 7, RHEL 7, and Fedora systems. By following these steps – installing prerequisites, compiling and installing plugins and NRPE, configuring the agent, setting it up as a service, and adjusting firewall/SELinux settings – you establish the necessary foundation for your Nagios server to effectively monitor the vital signs of your Linux infrastructure. Remember to always verify your configuration and test connectivity from the Nagios server to ensure successful remote monitoring.

Source: https://kifarunix.com/how-to-install-nagios-plugins-and-nrpe-agents-on-centos-7-rhel-7-fedora-29/