NRPEClient
NRPE client can be used both from command line and from queries to check remote systes via NRPE

NRPEClient — NRPEClient

NRPE client can be used both from command line and from queries to check remote systes via NRPE

Queries (Overview):

A list of all avalible queries (check commands)

Command Description
nrpe_exec Execute remote script via NRPE. (Most likely you want nrpe_query).
nrpe_forward Forward the request as-is to remote host via NRPE.
nrpe_query Request remote information via NRPE.
nrpe_submit Submit information to remote host via NRPE. (Most likely you want nrpe_query).

Commands (executable): TODO: Add command list

Configuration (Overview):

A list of all configuration options

Path / Section Key Default value Description
/settings/NRPE/client channel NRPE CHANNEL
/settings/NRPE/client/handlers     CLIENT HANDLER SECTION
/settings/NRPE/client/targets     REMOTE TARGET DEFINITIONS
/settings/NRPE/client/targets/default verify mode none VERIFY MODE
/settings/NRPE/client/targets/default certificate   SSL CERTIFICATE
/settings/NRPE/client/targets/default allowed ciphers ADH ALLOWED CIPHERS
/settings/NRPE/client/targets/default payload length 1024 PAYLOAD LENGTH
/settings/NRPE/client/targets/default timeout 30 TIMEOUT
/settings/NRPE/client/targets/default address   TARGET ADDRESS
/settings/NRPE/client/targets/default use ssl 1 ENABLE SSL ENCRYPTION

Advanced keys:

Path / Section Key Default value Description
/settings/NRPE/client/targets/default parent default PARENT
/settings/NRPE/client/targets/default certificate format PEM CERTIFICATE FORMAT
/settings/NRPE/client/targets/default dh ${certificate-path}/nrpe_dh_512.pem DH KEY
/settings/NRPE/client/targets/default ca   CA
/settings/NRPE/client/targets/default certificate key   SSL CERTIFICATE KEY
/settings/NRPE/client/targets/default port 0 TARGET PORT
/settings/NRPE/client/targets/default alias   ALIAS
/settings/NRPE/client/targets/default host   TARGET HOST
/settings/NRPE/client/targets/default is template 0 IS TEMPLATE

Sample keys:

Path / Section Key Default value Description
/settings/NRPE/client/targets/sample parent default PARENT
/settings/NRPE/client/targets/sample verify mode none VERIFY MODE
/settings/NRPE/client/targets/sample certificate format PEM CERTIFICATE FORMAT
/settings/NRPE/client/targets/sample dh ${certificate-path}/nrpe_dh_512.pem DH KEY
/settings/NRPE/client/targets/sample certificate   SSL CERTIFICATE
/settings/NRPE/client/targets/sample ca   CA
/settings/NRPE/client/targets/sample certificate key   SSL CERTIFICATE KEY
/settings/NRPE/client/targets/sample port 0 TARGET PORT
/settings/NRPE/client/targets/sample alias   ALIAS
/settings/NRPE/client/targets/sample host   TARGET HOST
/settings/NRPE/client/targets/sample allowed ciphers ADH ALLOWED CIPHERS
/settings/NRPE/client/targets/sample payload length 1024 PAYLOAD LENGTH
/settings/NRPE/client/targets/sample timeout 30 TIMEOUT
/settings/NRPE/client/targets/sample address   TARGET ADDRESS
/settings/NRPE/client/targets/sample use ssl 1 ENABLE SSL ENCRYPTION
/settings/NRPE/client/targets/sample is template 0 IS TEMPLATE

Queries

A quick reference for all avalible queries (check commands) in the NRPEClient module.

nrpe_submit

NRPEClientnrpe_submit
Submit information to remote host via NRPE. (Most likely you want nrpe_query).

Usage:

Option Default value Description
help N/A Show help screen (this screen)
help-csv N/A Show help screen as a comma separated list.
help-short N/A Show help screen (short format).
host N/A The host of the host running the server
port N/A The port of the host running the server
address N/A The address (host:port) of the host running the server
timeout N/A Number of seconds before connection times out (default=10)
target N/A Target to use (lookup connection info from config)
retry N/A Number of times ti retry a failed connection attempt (default=2)
command N/A The name of the command that the remote daemon should run
alias N/A Same as command
message N/A Message
result N/A Result code either a number or OK, WARN, CRIT, UNKNOWN
no-ssl N/A Do not initial an ssl handshake with the server, talk in plain-text.
certificate N/A Length of payload (has to be same as on the server)
dh N/A The pre-generated DH key (if ADH is used this will be your ‘key’ though it is not a secret key)
certificate-key N/A Client certificate to use
certificate-format N/A Client certificate format (default is PEM)
ca N/A A file representing the Certificate authority used to validate peer certificates
verify N/A Which verification mode to use: none: no verification, peer: that peer has a certificate, peer-cert: that peer has a valid certificate, ...
allowed-ciphers N/A Which ciphers are allowed for legacy reasons this defaults to ADH which is not secure preferably set this to DEFAULT which is better or a an even stronger cipher
payload-length N/A Length of payload (has to be same as on the server)
buffer-length N/A Same as payload-length (used for legacy reasons)
ssl N/A Initial an ssl handshake with the server.

Arguments

help (NRPEClient, nrpe_submit)
Show help screen (this screen)
help-csv (NRPEClient, nrpe_submit)
Show help screen as a comma separated list.
This is useful for parsing the output in scripts and generate documentation etc
help-short (NRPEClient, nrpe_submit)
Show help screen (short format).
host (NRPEClient, nrpe_submit)
The host of the host running the server
port (NRPEClient, nrpe_submit)
The port of the host running the server
address (NRPEClient, nrpe_submit)
The address (host:port) of the host running the server
timeout (NRPEClient, nrpe_submit)
Number of seconds before connection times out (default=10)
target (NRPEClient, nrpe_submit)
Target to use (lookup connection info from config)
retry (NRPEClient, nrpe_submit)
Number of times ti retry a failed connection attempt (default=2)
command (NRPEClient, nrpe_submit)
The name of the command that the remote daemon should run
alias (NRPEClient, nrpe_submit)
Same as command
message (NRPEClient, nrpe_submit)
Message
result (NRPEClient, nrpe_submit)
Result code either a number or OK, WARN, CRIT, UNKNOWN
no-ssl (NRPEClient, nrpe_submit)
Do not initial an ssl handshake with the server, talk in plain-text.
certificate (NRPEClient, nrpe_submit)
Length of payload (has to be same as on the server)
dh (NRPEClient, nrpe_submit)
The pre-generated DH key (if ADH is used this will be your ‘key’ though it is not a secret key)
certificate-key (NRPEClient, nrpe_submit)
Client certificate to use
certificate-format (NRPEClient, nrpe_submit)
Client certificate format (default is PEM)
ca (NRPEClient, nrpe_submit)
A file representing the Certificate authority used to validate peer certificates
verify (NRPEClient, nrpe_submit)
Which verification mode to use: none: no verification, peer: that peer has a certificate, peer-cert: that peer has a valid certificate, ...
allowed-ciphers (NRPEClient, nrpe_submit)
Which ciphers are allowed for legacy reasons this defaults to ADH which is not secure preferably set this to DEFAULT which is better or a an even stronger cipher
payload-length (NRPEClient, nrpe_submit)
Length of payload (has to be same as on the server)
buffer-length (NRPEClient, nrpe_submit)
Same as payload-length (used for legacy reasons)
ssl (NRPEClient, nrpe_submit)
Initial an ssl handshake with the server.

nrpe_query

NRPEClientnrpe_query
Request remote information via NRPE.

Usage:

Option Default value Description
help N/A Show help screen (this screen)
help-csv N/A Show help screen as a comma separated list.
help-short N/A Show help screen (short format).
host N/A The host of the host running the server
port N/A The port of the host running the server
address N/A The address (host:port) of the host running the server
timeout N/A Number of seconds before connection times out (default=10)
target N/A Target to use (lookup connection info from config)
retry N/A Number of times ti retry a failed connection attempt (default=2)
command N/A The name of the query that the remote daemon should run
arguments N/A list of arguments
query-command N/A The name of the query that the remote daemon should run
query-arguments N/A list of arguments
no-ssl N/A Do not initial an ssl handshake with the server, talk in plain-text.
certificate N/A Length of payload (has to be same as on the server)
dh N/A The pre-generated DH key (if ADH is used this will be your ‘key’ though it is not a secret key)
certificate-key N/A Client certificate to use
certificate-format N/A Client certificate format (default is PEM)
ca N/A A file representing the Certificate authority used to validate peer certificates
verify N/A Which verification mode to use: none: no verification, peer: that peer has a certificate, peer-cert: that peer has a valid certificate, ...
allowed-ciphers N/A Which ciphers are allowed for legacy reasons this defaults to ADH which is not secure preferably set this to DEFAULT which is better or a an even stronger cipher
payload-length N/A Length of payload (has to be same as on the server)
buffer-length N/A Same as payload-length (used for legacy reasons)
ssl N/A Initial an ssl handshake with the server.

Arguments

help (NRPEClient, nrpe_query)
Show help screen (this screen)
help-csv (NRPEClient, nrpe_query)
Show help screen as a comma separated list.
This is useful for parsing the output in scripts and generate documentation etc
help-short (NRPEClient, nrpe_query)
Show help screen (short format).
host (NRPEClient, nrpe_query)
The host of the host running the server
port (NRPEClient, nrpe_query)
The port of the host running the server
address (NRPEClient, nrpe_query)
The address (host:port) of the host running the server
timeout (NRPEClient, nrpe_query)
Number of seconds before connection times out (default=10)
target (NRPEClient, nrpe_query)
Target to use (lookup connection info from config)
retry (NRPEClient, nrpe_query)
Number of times ti retry a failed connection attempt (default=2)
command (NRPEClient, nrpe_query)
The name of the query that the remote daemon should run
arguments (NRPEClient, nrpe_query)
list of arguments
query-command (NRPEClient, nrpe_query)
The name of the query that the remote daemon should run
query-arguments (NRPEClient, nrpe_query)
list of arguments
no-ssl (NRPEClient, nrpe_query)
Do not initial an ssl handshake with the server, talk in plain-text.
certificate (NRPEClient, nrpe_query)
Length of payload (has to be same as on the server)
dh (NRPEClient, nrpe_query)
The pre-generated DH key (if ADH is used this will be your ‘key’ though it is not a secret key)
certificate-key (NRPEClient, nrpe_query)
Client certificate to use
certificate-format (NRPEClient, nrpe_query)
Client certificate format (default is PEM)
ca (NRPEClient, nrpe_query)
A file representing the Certificate authority used to validate peer certificates
verify (NRPEClient, nrpe_query)
Which verification mode to use: none: no verification, peer: that peer has a certificate, peer-cert: that peer has a valid certificate, ...
allowed-ciphers (NRPEClient, nrpe_query)
Which ciphers are allowed for legacy reasons this defaults to ADH which is not secure preferably set this to DEFAULT which is better or a an even stronger cipher
payload-length (NRPEClient, nrpe_query)
Length of payload (has to be same as on the server)
buffer-length (NRPEClient, nrpe_query)
Same as payload-length (used for legacy reasons)
ssl (NRPEClient, nrpe_query)
Initial an ssl handshake with the server.

nrpe_exec

NRPEClientnrpe_exec
Execute remote script via NRPE. (Most likely you want nrpe_query).

Usage:

Option Default value Description
help N/A Show help screen (this screen)
help-csv N/A Show help screen as a comma separated list.
help-short N/A Show help screen (short format).
host N/A The host of the host running the server
port N/A The port of the host running the server
address N/A The address (host:port) of the host running the server
timeout N/A Number of seconds before connection times out (default=10)
target N/A Target to use (lookup connection info from config)
retry N/A Number of times ti retry a failed connection attempt (default=2)
command N/A The name of the command that the remote daemon should run
arguments N/A list of arguments
no-ssl N/A Do not initial an ssl handshake with the server, talk in plain-text.
certificate N/A Length of payload (has to be same as on the server)
dh N/A The pre-generated DH key (if ADH is used this will be your ‘key’ though it is not a secret key)
certificate-key N/A Client certificate to use
certificate-format N/A Client certificate format (default is PEM)
ca N/A A file representing the Certificate authority used to validate peer certificates
verify N/A Which verification mode to use: none: no verification, peer: that peer has a certificate, peer-cert: that peer has a valid certificate, ...
allowed-ciphers N/A Which ciphers are allowed for legacy reasons this defaults to ADH which is not secure preferably set this to DEFAULT which is better or a an even stronger cipher
payload-length N/A Length of payload (has to be same as on the server)
buffer-length N/A Same as payload-length (used for legacy reasons)
ssl N/A Initial an ssl handshake with the server.

Arguments

help (NRPEClient, nrpe_exec)
Show help screen (this screen)
help-csv (NRPEClient, nrpe_exec)
Show help screen as a comma separated list.
This is useful for parsing the output in scripts and generate documentation etc
help-short (NRPEClient, nrpe_exec)
Show help screen (short format).
host (NRPEClient, nrpe_exec)
The host of the host running the server
port (NRPEClient, nrpe_exec)
The port of the host running the server
address (NRPEClient, nrpe_exec)
The address (host:port) of the host running the server
timeout (NRPEClient, nrpe_exec)
Number of seconds before connection times out (default=10)
target (NRPEClient, nrpe_exec)
Target to use (lookup connection info from config)
retry (NRPEClient, nrpe_exec)
Number of times ti retry a failed connection attempt (default=2)
command (NRPEClient, nrpe_exec)
The name of the command that the remote daemon should run
arguments (NRPEClient, nrpe_exec)
list of arguments
no-ssl (NRPEClient, nrpe_exec)
Do not initial an ssl handshake with the server, talk in plain-text.
certificate (NRPEClient, nrpe_exec)
Length of payload (has to be same as on the server)
dh (NRPEClient, nrpe_exec)
The pre-generated DH key (if ADH is used this will be your ‘key’ though it is not a secret key)
certificate-key (NRPEClient, nrpe_exec)
Client certificate to use
certificate-format (NRPEClient, nrpe_exec)
Client certificate format (default is PEM)
ca (NRPEClient, nrpe_exec)
A file representing the Certificate authority used to validate peer certificates
verify (NRPEClient, nrpe_exec)
Which verification mode to use: none: no verification, peer: that peer has a certificate, peer-cert: that peer has a valid certificate, ...
allowed-ciphers (NRPEClient, nrpe_exec)
Which ciphers are allowed for legacy reasons this defaults to ADH which is not secure preferably set this to DEFAULT which is better or a an even stronger cipher
payload-length (NRPEClient, nrpe_exec)
Length of payload (has to be same as on the server)
buffer-length (NRPEClient, nrpe_exec)
Same as payload-length (used for legacy reasons)
ssl (NRPEClient, nrpe_exec)
Initial an ssl handshake with the server.

nrpe_forward

NRPEClientnrpe_forward
Forward the request as-is to remote host via NRPE.

Configuration

A quick reference for all avalible configuration options in the NRPEClient module.

... / client / targets

/settings/NRPE/client/targets (NRPEClient)

Sample:

# REMOTE TARGET DEFINITIONS
#
[/settings/NRPE/client/targets]

... / client / handlers

/settings/NRPE/client/handlers (NRPEClient)

Sample:

# CLIENT HANDLER SECTION
#
[/settings/NRPE/client/handlers]

... / client / targets / sample

/settings/NRPE/client/targets/sample (NRPEClient)
Key Default Value Description
address   TARGET ADDRESS
alias   ALIAS
allowed ciphers ADH ALLOWED CIPHERS
ca   CA
certificate   SSL CERTIFICATE
certificate format PEM CERTIFICATE FORMAT
certificate key   SSL CERTIFICATE KEY
dh ${certificate-path}/nrpe_dh_512.pem DH KEY
host   TARGET HOST
is template 0 IS TEMPLATE
parent default PARENT
payload length 1024 PAYLOAD LENGTH
port 0 TARGET PORT
timeout 30 TIMEOUT
use ssl 1 ENABLE SSL ENCRYPTION
verify mode none VERIFY MODE

Sample:

# TARGET DEFENITION
# Target definition for: sample
[/settings/NRPE/client/targets/sample]
# PARENT
# The parent the target inherits from
parent=default
# VERIFY MODE
# What to verify default is non, to validate remote certificate use remote-peer
verify mode=none
# CERTIFICATE FORMAT
# Format of SSL certificate
certificate format=PEM
# DH KEY
# The diffi-hellman perfect forwarded secret to use
dh=${certificate-path}/nrpe_dh_512.pem
# SSL CERTIFICATE
# The ssl certificate to use to encrypt the communication
certificate=
# CA
# The certificate authority to use to authenticate remote certificate
ca=
# SSL CERTIFICATE KEY
# Key for the SSL certificate
certificate key=
# TARGET PORT
# The target server port
port=0
# ALIAS
# The alias (service name) to report to server
alias=
# TARGET HOST
# The target server to report results to.
host=
# ALLOWED CIPHERS
# The allowed list of ciphers, the default is insecure so a better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
allowed ciphers=ADH
# PAYLOAD LENGTH
# Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
payload length=1024
# TIMEOUT
# Timeout when reading/writing packets to/from sockets.
timeout=30
# TARGET ADDRESS
# Target host address
address=
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
use ssl=1
# IS TEMPLATE
# Declare this object as a template (this means it will not be available as a separate object)
is template=0
parent (NRPEClient, /settings/NRPE/client/targets/sample)

PARENT

The parent the target inherits from

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: parent

Default value: default

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# PARENT
# The parent the target inherits from
[/settings/NRPE/client/targets/sample]
parent=default
verify mode (NRPEClient, /settings/NRPE/client/targets/sample)

VERIFY MODE

What to verify default is non, to validate remote certificate use remote-peer

Path: /settings/NRPE/client/targets/sample

Key: verify mode

Default value: none

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# VERIFY MODE
# What to verify default is non, to validate remote certificate use remote-peer
[/settings/NRPE/client/targets/sample]
verify mode=none
certificate format (NRPEClient, /settings/NRPE/client/targets/sample)

CERTIFICATE FORMAT

Format of SSL certificate

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: certificate format

Default value: PEM

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# CERTIFICATE FORMAT
# Format of SSL certificate
[/settings/NRPE/client/targets/sample]
certificate format=PEM
dh (NRPEClient, /settings/NRPE/client/targets/sample)

DH KEY

The diffi-hellman perfect forwarded secret to use

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: dh

Default value: ${certificate-path}/nrpe_dh_512.pem

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# DH KEY
# The diffi-hellman perfect forwarded secret to use
[/settings/NRPE/client/targets/sample]
dh=${certificate-path}/nrpe_dh_512.pem
certificate (NRPEClient, /settings/NRPE/client/targets/sample)

SSL CERTIFICATE

The ssl certificate to use to encrypt the communication

Path: /settings/NRPE/client/targets/sample

Key: certificate

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# SSL CERTIFICATE
# The ssl certificate to use to encrypt the communication
[/settings/NRPE/client/targets/sample]
certificate=
ca (NRPEClient, /settings/NRPE/client/targets/sample)

CA

The certificate authority to use to authenticate remote certificate

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: ca

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# CA
# The certificate authority to use to authenticate remote certificate
[/settings/NRPE/client/targets/sample]
ca=
certificate key (NRPEClient, /settings/NRPE/client/targets/sample)

SSL CERTIFICATE KEY

Key for the SSL certificate

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: certificate key

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# SSL CERTIFICATE KEY
# Key for the SSL certificate
[/settings/NRPE/client/targets/sample]
certificate key=
port (NRPEClient, /settings/NRPE/client/targets/sample)

TARGET PORT

The target server port

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: port

Default value: 0

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# TARGET PORT
# The target server port
[/settings/NRPE/client/targets/sample]
port=0
alias (NRPEClient, /settings/NRPE/client/targets/sample)

ALIAS

The alias (service name) to report to server

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: alias

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# ALIAS
# The alias (service name) to report to server
[/settings/NRPE/client/targets/sample]
alias=
host (NRPEClient, /settings/NRPE/client/targets/sample)

TARGET HOST

The target server to report results to.

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: host

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# TARGET HOST
# The target server to report results to.
[/settings/NRPE/client/targets/sample]
host=
allowed ciphers (NRPEClient, /settings/NRPE/client/targets/sample)

ALLOWED CIPHERS

The allowed list of ciphers, the default is insecure so a better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Path: /settings/NRPE/client/targets/sample

Key: allowed ciphers

Default value: ADH

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# ALLOWED CIPHERS
# The allowed list of ciphers, the default is insecure so a better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
[/settings/NRPE/client/targets/sample]
allowed ciphers=ADH
payload length (NRPEClient, /settings/NRPE/client/targets/sample)

PAYLOAD LENGTH

Length of payload to/from the NRPE agent. This is a hard specific value so you have to “configure” (read recompile) your NRPE agent to use the same value for it to work.

Path: /settings/NRPE/client/targets/sample

Key: payload length

Default value: 1024

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# PAYLOAD LENGTH
# Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
[/settings/NRPE/client/targets/sample]
payload length=1024
timeout (NRPEClient, /settings/NRPE/client/targets/sample)

TIMEOUT

Timeout when reading/writing packets to/from sockets.

Path: /settings/NRPE/client/targets/sample

Key: timeout

Default value: 30

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# TIMEOUT
# Timeout when reading/writing packets to/from sockets.
[/settings/NRPE/client/targets/sample]
timeout=30
address (NRPEClient, /settings/NRPE/client/targets/sample)

TARGET ADDRESS

Target host address

Path: /settings/NRPE/client/targets/sample

Key: address

Default value:

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# TARGET ADDRESS
# Target host address
[/settings/NRPE/client/targets/sample]
address=
use ssl (NRPEClient, /settings/NRPE/client/targets/sample)

ENABLE SSL ENCRYPTION

This option controls if SSL should be enabled.

Path: /settings/NRPE/client/targets/sample

Key: use ssl

Default value: 1

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
[/settings/NRPE/client/targets/sample]
use ssl=1
is template (NRPEClient, /settings/NRPE/client/targets/sample)

IS TEMPLATE

Declare this object as a template (this means it will not be available as a separate object)

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/sample

Key: is template

Default value: 0

Sample key: This key is provided as a sample to show how to configure objects

Used by: NRPEClient

Sample:

# IS TEMPLATE
# Declare this object as a template (this means it will not be available as a separate object)
[/settings/NRPE/client/targets/sample]
is template=0

... / client

/settings/NRPE/client (NRPEClient)
Key Default Value Description
channel NRPE CHANNEL

Sample:

# NRPE CLIENT SECTION
# Section for NRPE active/passive check module.
[/settings/NRPE/client]
# CHANNEL
# The channel to listen to.
channel=NRPE
channel (NRPEClient, /settings/NRPE/client)

CHANNEL

The channel to listen to.

Path: /settings/NRPE/client

Key: channel

Default value: NRPE

Used by: NRPEClient

Sample:

# CHANNEL
# The channel to listen to.
[/settings/NRPE/client]
channel=NRPE

... / client / targets / default

/settings/NRPE/client/targets/default (NRPEClient)
Key Default Value Description
address   TARGET ADDRESS
allowed ciphers ADH ALLOWED CIPHERS
certificate   SSL CERTIFICATE
payload length 1024 PAYLOAD LENGTH
timeout 30 TIMEOUT
use ssl 1 ENABLE SSL ENCRYPTION
verify mode none VERIFY MODE
alias   ALIAS
ca   CA
certificate format PEM CERTIFICATE FORMAT
certificate key   SSL CERTIFICATE KEY
dh ${certificate-path}/nrpe_dh_512.pem DH KEY
host   TARGET HOST
is template 0 IS TEMPLATE
parent default PARENT
port 0 TARGET PORT

Sample:

# TARGET DEFENITION
# Target definition for: default
[/settings/NRPE/client/targets/default]
# PARENT
# The parent the target inherits from
parent=default
# VERIFY MODE
# What to verify default is non, to validate remote certificate use remote-peer
verify mode=none
# CERTIFICATE FORMAT
# Format of SSL certificate
certificate format=PEM
# DH KEY
# The diffi-hellman perfect forwarded secret to use
dh=${certificate-path}/nrpe_dh_512.pem
# SSL CERTIFICATE
# The ssl certificate to use to encrypt the communication
certificate=
# CA
# The certificate authority to use to authenticate remote certificate
ca=
# SSL CERTIFICATE KEY
# Key for the SSL certificate
certificate key=
# TARGET PORT
# The target server port
port=0
# ALIAS
# The alias (service name) to report to server
alias=
# TARGET HOST
# The target server to report results to.
host=
# ALLOWED CIPHERS
# The allowed list of ciphers, the default is insecure so a better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
allowed ciphers=ADH
# PAYLOAD LENGTH
# Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
payload length=1024
# TIMEOUT
# Timeout when reading/writing packets to/from sockets.
timeout=30
# TARGET ADDRESS
# Target host address
address=
# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
use ssl=1
# IS TEMPLATE
# Declare this object as a template (this means it will not be available as a separate object)
is template=0
parent (NRPEClient, /settings/NRPE/client/targets/default)

PARENT

The parent the target inherits from

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: parent

Default value: default

Used by: NRPEClient

Sample:

# PARENT
# The parent the target inherits from
[/settings/NRPE/client/targets/default]
parent=default
verify mode (NRPEClient, /settings/NRPE/client/targets/default)

VERIFY MODE

What to verify default is non, to validate remote certificate use remote-peer

Path: /settings/NRPE/client/targets/default

Key: verify mode

Default value: none

Used by: NRPEClient

Sample:

# VERIFY MODE
# What to verify default is non, to validate remote certificate use remote-peer
[/settings/NRPE/client/targets/default]
verify mode=none
certificate format (NRPEClient, /settings/NRPE/client/targets/default)

CERTIFICATE FORMAT

Format of SSL certificate

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: certificate format

Default value: PEM

Used by: NRPEClient

Sample:

# CERTIFICATE FORMAT
# Format of SSL certificate
[/settings/NRPE/client/targets/default]
certificate format=PEM
dh (NRPEClient, /settings/NRPE/client/targets/default)

DH KEY

The diffi-hellman perfect forwarded secret to use

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: dh

Default value: ${certificate-path}/nrpe_dh_512.pem

Used by: NRPEClient

Sample:

# DH KEY
# The diffi-hellman perfect forwarded secret to use
[/settings/NRPE/client/targets/default]
dh=${certificate-path}/nrpe_dh_512.pem
certificate (NRPEClient, /settings/NRPE/client/targets/default)

SSL CERTIFICATE

The ssl certificate to use to encrypt the communication

Path: /settings/NRPE/client/targets/default

Key: certificate

Default value:

Used by: NRPEClient

Sample:

# SSL CERTIFICATE
# The ssl certificate to use to encrypt the communication
[/settings/NRPE/client/targets/default]
certificate=
ca (NRPEClient, /settings/NRPE/client/targets/default)

CA

The certificate authority to use to authenticate remote certificate

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: ca

Default value:

Used by: NRPEClient

Sample:

# CA
# The certificate authority to use to authenticate remote certificate
[/settings/NRPE/client/targets/default]
ca=
certificate key (NRPEClient, /settings/NRPE/client/targets/default)

SSL CERTIFICATE KEY

Key for the SSL certificate

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: certificate key

Default value:

Used by: NRPEClient

Sample:

# SSL CERTIFICATE KEY
# Key for the SSL certificate
[/settings/NRPE/client/targets/default]
certificate key=
port (NRPEClient, /settings/NRPE/client/targets/default)

TARGET PORT

The target server port

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: port

Default value: 0

Used by: NRPEClient

Sample:

# TARGET PORT
# The target server port
[/settings/NRPE/client/targets/default]
port=0
alias (NRPEClient, /settings/NRPE/client/targets/default)

ALIAS

The alias (service name) to report to server

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: alias

Default value:

Used by: NRPEClient

Sample:

# ALIAS
# The alias (service name) to report to server
[/settings/NRPE/client/targets/default]
alias=
host (NRPEClient, /settings/NRPE/client/targets/default)

TARGET HOST

The target server to report results to.

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: host

Default value:

Used by: NRPEClient

Sample:

# TARGET HOST
# The target server to report results to.
[/settings/NRPE/client/targets/default]
host=
allowed ciphers (NRPEClient, /settings/NRPE/client/targets/default)

ALLOWED CIPHERS

The allowed list of ciphers, the default is insecure so a better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Path: /settings/NRPE/client/targets/default

Key: allowed ciphers

Default value: ADH

Used by: NRPEClient

Sample:

# ALLOWED CIPHERS
# The allowed list of ciphers, the default is insecure so a better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
[/settings/NRPE/client/targets/default]
allowed ciphers=ADH
payload length (NRPEClient, /settings/NRPE/client/targets/default)

PAYLOAD LENGTH

Length of payload to/from the NRPE agent. This is a hard specific value so you have to “configure” (read recompile) your NRPE agent to use the same value for it to work.

Path: /settings/NRPE/client/targets/default

Key: payload length

Default value: 1024

Used by: NRPEClient

Sample:

# PAYLOAD LENGTH
# Length of payload to/from the NRPE agent. This is a hard specific value so you have to "configure" (read recompile) your NRPE agent to use the same value for it to work.
[/settings/NRPE/client/targets/default]
payload length=1024
timeout (NRPEClient, /settings/NRPE/client/targets/default)

TIMEOUT

Timeout when reading/writing packets to/from sockets.

Path: /settings/NRPE/client/targets/default

Key: timeout

Default value: 30

Used by: NRPEClient

Sample:

# TIMEOUT
# Timeout when reading/writing packets to/from sockets.
[/settings/NRPE/client/targets/default]
timeout=30
address (NRPEClient, /settings/NRPE/client/targets/default)

TARGET ADDRESS

Target host address

Path: /settings/NRPE/client/targets/default

Key: address

Default value:

Used by: NRPEClient

Sample:

# TARGET ADDRESS
# Target host address
[/settings/NRPE/client/targets/default]
address=
use ssl (NRPEClient, /settings/NRPE/client/targets/default)

ENABLE SSL ENCRYPTION

This option controls if SSL should be enabled.

Path: /settings/NRPE/client/targets/default

Key: use ssl

Default value: 1

Used by: NRPEClient

Sample:

# ENABLE SSL ENCRYPTION
# This option controls if SSL should be enabled.
[/settings/NRPE/client/targets/default]
use ssl=1
is template (NRPEClient, /settings/NRPE/client/targets/default)

IS TEMPLATE

Declare this object as a template (this means it will not be available as a separate object)

Advanced (means it is not commonly used)

Path: /settings/NRPE/client/targets/default

Key: is template

Default value: 0

Used by: NRPEClient

Sample:

# IS TEMPLATE
# Declare this object as a template (this means it will not be available as a separate object)
[/settings/NRPE/client/targets/default]
is template=0
comments powered by Disqus