Home Support Installation
Sign In Register
spacer spacer spacer

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

spacer spacer spacer
Sign In Register
  • Categories
  • Recent Discussions
  • Activity
  • Participated
  • Unanswered 161
  • Best of...

Categories

  • All Categories 982
  • Announcements 18
  • Community 5
  • Product 7
  • Support 882
  • Deployment Architecture 126
  • Installation 130
  • Updates & Upgrades 66
  • Logger 18
  • SIEM / Console 166
  • Correlation Help 52
  • Reporting 21
  • Sensor 376
  • Configuring data sources 36
  • Data Plugins 102
  • Asset Discovery 38
  • [N|W|H]IDS 58
  • Vulnerability Assessment 50
  • Network Monitoring 38
  • General Security 32
  • AlienVault Labs 12
  • Open Threat Discussion 14
  • Compliance 6
  • Feedback 56
  • Product 38
  • Community 18
  • ARK Content 0
Looking for documentation? Check out ARK - our new documentation portal!
AlienVault OSSIM v4.1 Released! Download here

Nagvis + check_mk + pnp4nagios

spacer freis
in Installation
Hi there, i'm wondering if anyone else tried to install this combo into ossim itself, and if you did how you did it. 
I'm having some problems while trying to install them because i ran into many problems such as web related, where they try to use htpasswd.users as an authentication method but nagios on ossim don't seem to have it.
If someone would be so kind to explain me how to do it, i would appreciate.

Thanks in advance.
Flag
  • Abuse
 0 Off Topic Dislike Like Awesome

Best Answers

  • spacer marcmunk
    Answer ✓
    If i am not mistaken check_mk does the same as ndo? I've done a nagvis ,ndo install on both my lab and a production install. I did some documentation on how to install that combo. I do hope it will make its way into ark soon. But i will give you a quick howto:


    Apt-get install nagvis say yes to configure ndo doing install

    When installing you will need to find a password the installer creates doing install if i am not mistaken. look at this forumpost from DK

    https://www.alienvault.com/forum/index.php?t=msg&goto=2361&S=014c1ec92fe09ff5c9f4b5779f6ac6ef

    Next it's time to do some configuration

    In /etc/default/ndoutils change ENABLE_NDOUTILS= 0 to ENABLE_NDOUTILS= 1
    Change #SOCKET=/var/cache/nagios3/ndo.sock to SOCKET=/var/cache/nagios3/ndo.sock
    Open /etc/dbconfig-common/ndoutils-mysql.conf and find dbusername and dbpassword.
    Open /etc/nagvis/nagvis.ini.php and find [backend_ndomy_1] Type in the dbusername and dbpassword from ndoutils-mysql.conf
    In /etc/nagios3/nagios.cfg uncomment:  broker_module=/usr/lib/check_mk/livestatus.o /var/lib/nagios3/rw/live
    and add broker_module=/usr/lib/ndoutils/ndomod-mysql-3x.o config_file=/etc/nagios3/ndomod.cfg
    Run /etc/init.d/ndoutils restart && /etc/init.d/nagios3 restart

    Hope you can use this.
    Flag
    • Abuse
     5 Off Topic Dislike Like Awesome
  • spacer marcmunk
    Answer ✓

    You should put this in your file:
    broker_module=/usr/lib/ndoutils/ndomod-mysql-3x.o config_file=/etc/nagios3/ndomod.cfg

    In one line.

    The 'add' was just to tell you to add the line. :)
    Flag
    • Abuse
     5 Off Topic Dislike Like Awesome
  • spacer marcmunk
    Answer ✓
    I used the steps i pasted ealier with out problems. I just asumed that it would work with the latest version of AV. I will test it as soon as i get some free time.
    Flag
    • Abuse
     5 Off Topic Dislike Like Awesome

Answers

  • spacer marcmunk
    Answer ✓
    If i am not mistaken check_mk does the same as ndo? I've done a nagvis ,ndo install on both my lab and a production install. I did some documentation on how to install that combo. I do hope it will make its way into ark soon. But i will give you a quick howto:


    Apt-get install nagvis say yes to configure ndo doing install

    When installing you will need to find a password the installer creates doing install if i am not mistaken. look at this forumpost from DK

    https://www.alienvault.com/forum/index.php?t=msg&goto=2361&S=014c1ec92fe09ff5c9f4b5779f6ac6ef

    Next it's time to do some configuration

    In /etc/default/ndoutils change ENABLE_NDOUTILS= 0 to ENABLE_NDOUTILS= 1
    Change #SOCKET=/var/cache/nagios3/ndo.sock to SOCKET=/var/cache/nagios3/ndo.sock
    Open /etc/dbconfig-common/ndoutils-mysql.conf and find dbusername and dbpassword.
    Open /etc/nagvis/nagvis.ini.php and find [backend_ndomy_1] Type in the dbusername and dbpassword from ndoutils-mysql.conf
    In /etc/nagios3/nagios.cfg uncomment:  broker_module=/usr/lib/check_mk/livestatus.o /var/lib/nagios3/rw/live
    and add broker_module=/usr/lib/ndoutils/ndomod-mysql-3x.o config_file=/etc/nagios3/ndomod.cfg
    Run /etc/init.d/ndoutils restart && /etc/init.d/nagios3 restart

    Hope you can use this.
    Flag
    • Abuse
     5 Off Topic Dislike Like Awesome
  • spacer freis
    Heys, thanks for the fast answer. Yes check_mk does the same.
    Well I just have one question.
    add broker_module=/usr/lib/ndoutils/ndomod-mysql-3x.o config_file=/etc/nagios3/ndomod.cfg it's all in the same line or we're talking about two different lines here? 
    If it's to be on the same line after restarting ndoutils, nagios and apache when i try to /nagvis i get the following page: (did i miss something? I'm reading the config file from apache for nagvis and it says that tries to authenticate against htpasswd.users from nagios3, but this file does not exists.)

    Internal Server Error

    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, [no address given] and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

    Flag
    • Abuse
     0 Off Topic Dislike Like Awesome
  • spacer marcmunk
    Answer ✓
Related searches:
install february module dislike broker
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.