Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
Check_AWS_CloudWatch_metrics
- Nagios 3.x
- Nagios XI
File | Description |
---|---|
check_cloudwatch_status-6.4.44.rb | The ruby script that retrieve the metric from AWS EC2, ELB or RDS. |
check_cloudwatch_status.cfg | The definition of the nagios command. |
sample_service.cfg | Sample of use for retrieving CPU usage of an instance on Amazon EC2. |
encrypt_credentials.rb | Ruby script that encrypts Amazon Web Services Credentials. |
Meet The New Nagios Core Services Platform
Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.
Monitoring Made Magically Better
- Nagios Core on Overdrive
- Powerful Monitoring Dashboards
- Time-Saving Configuration Wizards
- Open Source Powered Monitoring On Steroids
- And So Much More!
The Amazon credentials (Access Key ID and Secret Access Key) are read from an encrypted file.
NB: Amazon CloudWatch Namespaces, Dimensions, and Metrics Reference: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/CW_Support_For_AWS.html
Moreover, this requires only read-only credentials that could be easily generated using Amazon IAM. For security reasons, we use encrypted credentials that are decrypted by this plugin.
Here is a command line sample of use for EC2:
debian-secludit # RUBYOPT=rubygems ruby lib/nagios/check_cloudwatch_status.rb -a ec2-XXX-XXX-XXX-XXX.compute-1.amazonaws.com -i i-XXXXXXXX -f ec2_credentials_1.cfg -C CPUUtilization -c 90 -w 75
CloudWatch Metric: CPUUtilization, Average: 16.81, Maximum: 22.93, Minimum: 11.56|metric_average=16.81 metric_maximum=22.93 metric_minimum=11.56
The ec2_credentials_1.cfg files contains the encrypted credentials as follow:
[blank_space]ec2_access_id[blank_space]B64_encoding(BF-CBC-Cipher_encoding(Access Key ID)
[blank_space]ec2_access_key[blank_space]B64_encoding(BF-CBC-Cipher_encoding(Secret Access Key)
You can use the encrypt_credentials.rb ruby script that does that as follow:
debian-secludit # RUBYOPT=rubygems ruby encrypt_credentials.rb -A XXXXXXXXXXXXXXXXXXXX -S XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX -f ec2_credentials.cfg
Here is a sample configuration file for nagios.
define service {
name Amazon_EC2_Instance_Name
use generic-service
check_command check_cloudwatch_status!i-XXXXXXXX!/etc/nagios3/credentials/ec2_credentials_1.cfg!CPUUtilization!50!80
max_check_attempts 3
}
Samples:
- EC2
debian-secludit # RUBYOPT=rubygems ruby lib/nagios/check_cloudwatch_status.rb -a ec2-XXX-XXX-XXX-XXX.compute-1.amazonaws.com -i i-XXXXXXXX -f ec2_credentials_1.cfg -C CPUUtilization -c 90 -w 75
- RDS
debian-secludit # RUBYOPT=rubygems ruby lib/nagios/check_cloudwatch_status.rb -i RDS_IDENTIFIER -a RDS_IDENTIFIER.XXXXXX.rds.amzonaws.com -f ec2_credentials_1.cfg -D CPUUtilization -c 90 -w 75
- ELB
debian-secludit # RUBYOPT=rubygems ruby lib/nagios/check_cloudwatch_status.rb -i ELB_IDENTIFIER -a ELB_IDENTIFIER.XXXXXX.elb.amzonaws.com -f ec2_credentials_1.cfg -L RequestCount
Requirements:
Ruby version >= 1.8.7
Fog gem version >= 1.25.0
My only question is this: How would you set this up if you are using two different regions? I tried just making a second copy of the file, but this appears to not work from within Nagios, though I can run the ruby script from the command line and get proper output.
i'm using it for my vpc instances - for the address argument i'm using the aws region and it works perfectly.
Please fix the hard-coded .pem file to be configurable ...
One can create the rsa files via openssl genrsa ...
Thanks a lot
best feature is we can check free storage space in RDS .
However I will ask, is there a way of finegraining elb metrics? At the moment it just uses the entire region, can the -I flag be used for the elb dns entry?
Cheers.
Hi,
You should be able to check your ELB using the '-L' option that allows to retrieve ELB metrics such as Latency, RequestCount, HealthyHostCount, and UnHealthyHostCount.
If you have problem or need more information, feel free to contact me using "Contact Owner".
Best regards,
Fred
There is a hard code to /etc/cloutomate/cloutomate.pem what is that?
I always get the error:
Exception `NameError' at encrypt_credentials.rb:91 - uninitialized constant Digest::SHA256
Can you help me out?
Hi Xorox,
The hardcoded file in encrypt_credentials.rb is a file containing a RSA private key in our system.
Could you please send me more information on how you configure the plugin and the full output of the plugin?
Please, feel free to contact me.
Fred