Friday, January 5, 2018

Use ssh instead of ping to check server status

Server availability cannot always be checked with ping, since a secured subnet often will not allow traffic back. The common practice of dropping packets is an attempt to hide servers and provide additional security, but it can make troubleshooting more difficult.

Since ssh is typically running and responding on any Linux server that needs to be managed, check_ssh seems more practical than the default check_ping as the check_command for each host definition in Nagios.

This simple shell script uses the Nagios plugin /usr/local/nagios/libexec/check_ssh to quickly check the status of a server. Note that a Nagios installation is not required; only the plugins have to be compiled so that the binary is available to the wrapper script.

#!/bin/sh

# checkssh.sh
#
# Author: Scott McClelland
# 2017-03-29
#
# checkssh, uses Nagios plugin check_ssh
# /usr/local/nagios/libexec/check_ssh
#
# nagios-plugins are downloadable from:
# https://www.nagios.org/downloads/nagios-plugins/

# Require a host name as the first argument
if [ -z "$1" ]
then
        echo "enter host name"
        exit 1
fi
host=$1

checkssh()
{
        chkssh=/usr/local/nagios/libexec/check_ssh

        # Discard the plugin's stdout and stderr; only the exit status is used
        "$chkssh" "$host" >/dev/null 2>&1
        RESULT=$?

        if [ "$RESULT" -eq 0 ]
        then
                echo "$host : OK"
        else
                echo "$host : DOWN"
        fi

        return $RESULT
}

Run the check by calling the function at the end of the script:

   checkssh $host

To run the command on a group of servers, use a for loop.

$ for s in web0{1..3} db0{1,2} xyz01; do ./checkssh.sh $s; done
web01 : OK
web02 : OK
web03 : DOWN
db01 : OK
db02 : OK
xyz01 : DOWN

$

Related article:  http://systemnotesorg.blogspot.com/2007/12/ping-multiple-hosts-using-bash-nmap-and.html

Useful nmap Tips


OS Fingerprint Scanning

Sometimes there is a question about what OS is running on a server. There are advanced options listed by --help, but usually running nmap with -A is enough to tell you exactly what OS is running on the server in question.

Simple nmap scan, which includes OS detection:

nmap -v -A $s

Find an Available IP

Note that your company may have another system of record, so check there for the final authoritative answer.
A quick way to find an IP that is not in DNS and is not responding to ping or ssh is to run an nmap scan of the subnet.

Use nmap to find available IPs

 net=10.1.1.0;p=24;nmap -v -R -sn ${net}/${p} -oN /tmp/subnet-${net}-${p}.txt
Note: This may scan a large number of IPs, so it may be more convenient to write to a file to analyze later, rather than running the scan multiple times.
An available IP would be one that shows an IP address with no DNS name, and also “host down.”
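
The rule above (an IP with no DNS name that is also reported as "host down") can be applied to the saved report with a small filter. This is an added example, not part of the original post; the function names, the sample report, and the assumptions of nmap's normal output format and a /24 subnet are made for illustration.

```shell
#!/bin/sh
# Added example: list candidate free IPs from a saved "nmap -v -R -sn" report.
# Assumes nmap's normal (human-readable) output, where a host line reads
#   Nmap scan report for NAME (IP) [host down]   when reverse DNS resolved
#   Nmap scan report for IP [host down]          when there is no DNS name
# Assumes a /24, so .0 and .255 (network/broadcast) are skipped.

available_ips()
{
        awk '
        /^Nmap scan report for / && /\[host down\]$/ {
                target = $5                       # NAME or bare IP
                # keep only bare dotted-quad targets: no DNS name was found
                if (target !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
                split(target, o, ".")
                if (o[4] == 0 || o[4] == 255) next
                print target
        }' "$1"
}

# Constructed sample report (not real scan output)
sample_report()
{
        cat <<'EOF'
Nmap scan report for 10.1.1.0 [host down]
Nmap scan report for gw.example.com (10.1.1.1)
Host is up (0.00042s latency).
Nmap scan report for old-db.example.com (10.1.1.2) [host down]
Nmap scan report for 10.1.1.3 [host down]
Nmap scan report for 10.1.1.4
Host is up (0.0011s latency).
Nmap scan report for 10.1.1.5 [host down]
Nmap scan report for 10.1.1.255 [host down]
EOF
}

# Demo: run the filter against the constructed report
tmp=$(mktemp)
sample_report > "$tmp"
available_ips "$tmp"
rm -f "$tmp"
```

Entries such as old-db.example.com that are down but still have a DNS name are left out on purpose, since a leftover record usually means the address is still assigned in the system of record.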