NSCAClient#

NSCA client can be used both from command line and from queries to submit passive checks via NSCA

List of commands#

A list of all available queries (check commands)

Command Description
submit_nsca Submit information to the remote NSCA server.

List of Configuration#

Common Keys#

Path / Section Key Description
/settings/NSCA/client channel CHANNEL
/settings/NSCA/client hostname HOSTNAME
/settings/NSCA/client/targets/default address TARGET ADDRESS
/settings/NSCA/client/targets/default allowed ciphers ALLOWED CIPHERS
/settings/NSCA/client/targets/default certificate SSL CERTIFICATE
/settings/NSCA/client/targets/default encryption ENCRYPTION
/settings/NSCA/client/targets/default password PASSWORD
/settings/NSCA/client/targets/default retries RETRIES
/settings/NSCA/client/targets/default timeout TIMEOUT
/settings/NSCA/client/targets/default use ssl ENABLE SSL ENCRYPTION
/settings/NSCA/client/targets/default verify mode VERIFY MODE

Advanced keys#

Path / Section Key Description
/settings/NSCA/client encoding NSCA DATA ENCODING
/settings/NSCA/client/targets/default ca CA
/settings/NSCA/client/targets/default certificate format CERTIFICATE FORMAT
/settings/NSCA/client/targets/default certificate key SSL CERTIFICATE
/settings/NSCA/client/targets/default dh DH KEY
/settings/NSCA/client/targets/default encoding ENCODING
/settings/NSCA/client/targets/default host TARGET HOST
/settings/NSCA/client/targets/default payload length PAYLOAD LENGTH
/settings/NSCA/client/targets/default port TARGET PORT
/settings/NSCA/client/targets/default time offset TIME OFFSET

Sample keys#

Path / Section Key Description
/settings/NSCA/client/targets/sample address TARGET ADDRESS
/settings/NSCA/client/targets/sample allowed ciphers ALLOWED CIPHERS
/settings/NSCA/client/targets/sample ca CA
/settings/NSCA/client/targets/sample certificate SSL CERTIFICATE
/settings/NSCA/client/targets/sample certificate format CERTIFICATE FORMAT
/settings/NSCA/client/targets/sample certificate key SSL CERTIFICATE
/settings/NSCA/client/targets/sample dh DH KEY
/settings/NSCA/client/targets/sample encoding ENCODING
/settings/NSCA/client/targets/sample encryption ENCRYPTION
/settings/NSCA/client/targets/sample host TARGET HOST
/settings/NSCA/client/targets/sample password PASSWORD
/settings/NSCA/client/targets/sample payload length PAYLOAD LENGTH
/settings/NSCA/client/targets/sample port TARGET PORT
/settings/NSCA/client/targets/sample retries RETRIES
/settings/NSCA/client/targets/sample time offset TIME OFFSET
/settings/NSCA/client/targets/sample timeout TIMEOUT
/settings/NSCA/client/targets/sample use ssl ENABLE SSL ENCRYPTION
/settings/NSCA/client/targets/sample verify mode VERIFY MODE

Queries#

A quick reference for all available queries (check commands) in the NSCAClient module.

submit_nsca#

Submit information to the remote NSCA server.

Usage#

Option Default Value Description
help N/A Show help screen (this screen)
help-pb N/A Show help screen as a protocol buffer payload
show-default N/A Show default values for a given command
help-short N/A Show help screen (short format).
host The host of the host running the server
port The port of the host running the server
address The address (host:port) of the host running the server
timeout Number of seconds before connection times out (default=10)
target Target to use (lookup connection info from config)
retry Number of times ti retry a failed connection attempt (default=2)
retries legacy version of retry
source-host Source/sender host name (default is auto which means use the name of the actual host)
sender-host Source/sender host name (default is auto which means use the name of the actual host)
command The name of the command that the remote daemon should run
alias Same as command
message Message
result Result code either a number or OK, WARN, CRIT, UNKNOWN
separator Separator to use for the batch command (default is
batch Add multiple records using the separator format is: command
certificate Length of payload (has to be same as on the server)
dh Length of payload (has to be same as on the server)
certificate-key Client certificate to use
certificate-format Client certificate format
ca Certificate authority
verify Client certificate format
allowed-ciphers Client certificate format
ssl 1 Initial an ssl handshake with the server.
encryption Name of encryption algorithm to use.
payload-length Length of payload (has to be same as on the server)
buffer-length Length of payload to/from the NRPE agent. This is a hard specific value so you have to “configure” (read recompile) your NRPE agent to use the same value for it to work.
password Password
time-offset

help#

Description: Show help screen (this screen)

help-pb#

Description: Show help screen as a protocol buffer payload

show-default#

Description: Show default values for a given command

help-short#

Description: Show help screen (short format).

host#

Description: The host of the host running the server

port#

Description: The port of the host running the server

address#

Description: The address (host:port) of the host running the server

timeout#

Description: Number of seconds before connection times out (default=10)

target#

Description: Target to use (lookup connection info from config)

retry#

Description: Number of times ti retry a failed connection attempt (default=2)

retries#

Description: legacy version of retry

source-host#

Description: Source/sender host name (default is auto which means use the name of the actual host)

sender-host#

Description: Source/sender host name (default is auto which means use the name of the actual host)

command#

Description: The name of the command that the remote daemon should run

alias#

Description: Same as command

message#

Description: Message

result#

Description: Result code either a number or OK, WARN, CRIT, UNKNOWN

separator#

Description: Separator to use for the batch command (default is |)

batch#

Description: Add multiple records using the separator format is: command|result|message

certificate#

Description: Length of payload (has to be same as on the server)

dh#

Description: Length of payload (has to be same as on the server)

certificate-key#

Description: Client certificate to use

certificate-format#

Description: Client certificate format

ca#

Description: Certificate authority

verify#

Description: Client certificate format

allowed-ciphers#

Description: Client certificate format

ssl#

Deafult Value: 1

Description: Initial an ssl handshake with the server.

encryption#

Description: Name of encryption algorithm to use. Has to be the same as your server i using or it wont work at all.This is also independent of SSL and generally used instead of SSL. Available encryption algorithms are: none = No Encryption (not safe) xor = XOR des = DES 3des = DES-EDE3 cast128 = CAST-128 xtea = XTEA blowfish = Blowfish twofish = Twofish rc2 = RC2 aes128 = AES aes192 = AES aes = AES serpent = Serpent gost = GOST

payload-length#

Description: Length of payload (has to be same as on the server)

buffer-length#

Description: Length of payload to/from the NRPE agent. This is a hard specific value so you have to “configure” (read recompile) your NRPE agent to use the same value for it to work.

password#

Description: Password

time-offset#

Description:

Configuration#

NSCA CLIENT SECTION#

Section for NSCA passive check module.

# Section for NSCA passive check module.
[/settings/NSCA/client]
channel=NSCA
hostname=auto
Key Default Value Description
channel NSCA CHANNEL
encoding NSCA DATA ENCODING
hostname auto HOSTNAME

channel#

CHANNEL

The channel to listen to.

Key Description
Path: /settings/NSCA/client
Key: channel
Default value: NSCA
Used by: NSCAClient

Sample#

[/settings/NSCA/client]
# CHANNEL
channel=NSCA

encoding#

NSCA DATA ENCODING

Key Description
Path: /settings/NSCA/client
Key: encoding
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client]
# NSCA DATA ENCODING
encoding=

hostname#

HOSTNAME

The host name of the monitored computer. Set this to auto (default) to use the windows name of the computer.

auto Hostname ${host} Hostname ${host_lc} Hostname in lowercase ${host_uc} Hostname in uppercase ${domain} Domainname ${domain_lc} Domainname in lowercase ${domain_uc} Domainname in uppercase

Key Description
Path: /settings/NSCA/client
Key: hostname
Default value: auto
Used by: NSCAClient

Sample#

[/settings/NSCA/client]
# HOSTNAME
hostname=auto

CLIENT HANDLER SECTION#

# 
[/settings/NSCA/client/handlers]

REMOTE TARGET DEFINITIONS#

# 
[/settings/NSCA/client/targets]

TARGET#

Target definition for: default

# Target definition for: default
[/settings/NSCA/client/targets/default]
encryption=aes
payload length=512
retries=3
time offset=0
timeout=30
Key Default Value Description
address TARGET ADDRESS
allowed ciphers ALLOWED CIPHERS
ca CA
certificate SSL CERTIFICATE
certificate format CERTIFICATE FORMAT
certificate key SSL CERTIFICATE
dh DH KEY
encoding ENCODING
encryption aes ENCRYPTION
host TARGET HOST
password PASSWORD
payload length 512 PAYLOAD LENGTH
port TARGET PORT
retries 3 RETRIES
time offset 0 TIME OFFSET
timeout 30 TIMEOUT
use ssl ENABLE SSL ENCRYPTION
verify mode VERIFY MODE

address#

TARGET ADDRESS

Target host address

Key Description
Path: /settings/NSCA/client/targets/default
Key: address
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# TARGET ADDRESS
address=

allowed ciphers#

ALLOWED CIPHERS

A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Key Description
Path: /settings/NSCA/client/targets/default
Key: allowed ciphers
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# ALLOWED CIPHERS
allowed ciphers=

ca#

CA

Key Description
Path: /settings/NSCA/client/targets/default
Key: ca
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# CA
ca=

certificate#

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/default
Key: certificate
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# SSL CERTIFICATE
certificate=

certificate format#

CERTIFICATE FORMAT

Key Description
Path: /settings/NSCA/client/targets/default
Key: certificate format
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# CERTIFICATE FORMAT
certificate format=

certificate key#

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/default
Key: certificate key
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# SSL CERTIFICATE
certificate key=

dh#

DH KEY

Key Description
Path: /settings/NSCA/client/targets/default
Key: dh
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# DH KEY
dh=

encoding#

ENCODING

Key Description
Path: /settings/NSCA/client/targets/default
Key: encoding
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# ENCODING
encoding=

encryption#

ENCRYPTION

Name of encryption algorithm to use. Has to be the same as your server i using or it wont work at all.This is also independent of SSL and generally used instead of SSL. Available encryption algorithms are: none = No Encryption (not safe) xor = XOR des = DES 3des = DES-EDE3 cast128 = CAST-128 xtea = XTEA blowfish = Blowfish twofish = Twofish rc2 = RC2 aes128 = AES aes192 = AES aes = AES serpent = Serpent gost = GOST

Key Description
Path: /settings/NSCA/client/targets/default
Key: encryption
Default value: aes
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# ENCRYPTION
encryption=aes

host#

TARGET HOST

The target server to report results to.

Key Description
Path: /settings/NSCA/client/targets/default
Key: host
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# TARGET HOST
host=

password#

PASSWORD

The password to use. Again has to be the same as the server or it wont work at all.

Key Description
Path: /settings/NSCA/client/targets/default
Key: password
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# PASSWORD
password=

payload length#

PAYLOAD LENGTH

Length of payload to/from the NRPE agent. This is a hard specific value so you have to “configure” (read recompile) your NRPE agent to use the same value for it to work.

Key Description
Path: /settings/NSCA/client/targets/default
Key: payload length
Advanced: Yes (means it is not commonly used)
Default value: 512
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# PAYLOAD LENGTH
payload length=512

port#

TARGET PORT

The target server port

Key Description
Path: /settings/NSCA/client/targets/default
Key: port
Advanced: Yes (means it is not commonly used)
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# TARGET PORT
port=

retries#

RETRIES

Number of times to retry sending.

Key Description
Path: /settings/NSCA/client/targets/default
Key: retries
Default value: 3
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# RETRIES
retries=3

time offset#

TIME OFFSET

Time offset.

Key Description
Path: /settings/NSCA/client/targets/default
Key: time offset
Advanced: Yes (means it is not commonly used)
Default value: 0
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# TIME OFFSET
time offset=0

timeout#

TIMEOUT

Timeout when reading/writing packets to/from sockets.

Key Description
Path: /settings/NSCA/client/targets/default
Key: timeout
Default value: 30
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# TIMEOUT
timeout=30

use ssl#

ENABLE SSL ENCRYPTION

This option controls if SSL should be enabled.

Key Description
Path: /settings/NSCA/client/targets/default
Key: use ssl
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# ENABLE SSL ENCRYPTION
use ssl=

verify mode#

VERIFY MODE

Key Description
Path: /settings/NSCA/client/targets/default
Key: verify mode
Default value: N/A
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/default]
# VERIFY MODE
verify mode=

TARGET#

Target definition for: sample

# Target definition for: sample
[/settings/NSCA/client/targets/sample]
encryption=aes
payload length=512
retries=3
time offset=0
timeout=30
Key Default Value Description
address TARGET ADDRESS
allowed ciphers ALLOWED CIPHERS
ca CA
certificate SSL CERTIFICATE
certificate format CERTIFICATE FORMAT
certificate key SSL CERTIFICATE
dh DH KEY
encoding ENCODING
encryption aes ENCRYPTION
host TARGET HOST
password PASSWORD
payload length 512 PAYLOAD LENGTH
port TARGET PORT
retries 3 RETRIES
time offset 0 TIME OFFSET
timeout 30 TIMEOUT
use ssl ENABLE SSL ENCRYPTION
verify mode VERIFY MODE

address#

TARGET ADDRESS

Target host address

Key Description
Path: /settings/NSCA/client/targets/sample
Key: address
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# TARGET ADDRESS
address=

allowed ciphers#

ALLOWED CIPHERS

A better value is: ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH

Key Description
Path: /settings/NSCA/client/targets/sample
Key: allowed ciphers
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# ALLOWED CIPHERS
allowed ciphers=

ca#

CA

Key Description
Path: /settings/NSCA/client/targets/sample
Key: ca
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# CA
ca=

certificate#

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/sample
Key: certificate
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# SSL CERTIFICATE
certificate=

certificate format#

CERTIFICATE FORMAT

Key Description
Path: /settings/NSCA/client/targets/sample
Key: certificate format
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# CERTIFICATE FORMAT
certificate format=

certificate key#

SSL CERTIFICATE

Key Description
Path: /settings/NSCA/client/targets/sample
Key: certificate key
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# SSL CERTIFICATE
certificate key=

dh#

DH KEY

Key Description
Path: /settings/NSCA/client/targets/sample
Key: dh
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# DH KEY
dh=

encoding#

ENCODING

Key Description
Path: /settings/NSCA/client/targets/sample
Key: encoding
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# ENCODING
encoding=

encryption#

ENCRYPTION

Name of encryption algorithm to use. Has to be the same as your server i using or it wont work at all.This is also independent of SSL and generally used instead of SSL. Available encryption algorithms are: none = No Encryption (not safe) xor = XOR des = DES 3des = DES-EDE3 cast128 = CAST-128 xtea = XTEA blowfish = Blowfish twofish = Twofish rc2 = RC2 aes128 = AES aes192 = AES aes = AES serpent = Serpent gost = GOST

Key Description
Path: /settings/NSCA/client/targets/sample
Key: encryption
Default value: aes
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# ENCRYPTION
encryption=aes

host#

TARGET HOST

The target server to report results to.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: host
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# TARGET HOST
host=

password#

PASSWORD

The password to use. Again has to be the same as the server or it wont work at all.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: password
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# PASSWORD
password=

payload length#

PAYLOAD LENGTH

Length of payload to/from the NRPE agent. This is a hard specific value so you have to “configure” (read recompile) your NRPE agent to use the same value for it to work.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: payload length
Advanced: Yes (means it is not commonly used)
Default value: 512
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# PAYLOAD LENGTH
payload length=512

port#

TARGET PORT

The target server port

Key Description
Path: /settings/NSCA/client/targets/sample
Key: port
Advanced: Yes (means it is not commonly used)
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# TARGET PORT
port=

retries#

RETRIES

Number of times to retry sending.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: retries
Default value: 3
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# RETRIES
retries=3

time offset#

TIME OFFSET

Time offset.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: time offset
Advanced: Yes (means it is not commonly used)
Default value: 0
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# TIME OFFSET
time offset=0

timeout#

TIMEOUT

Timeout when reading/writing packets to/from sockets.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: timeout
Default value: 30
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# TIMEOUT
timeout=30

use ssl#

ENABLE SSL ENCRYPTION

This option controls if SSL should be enabled.

Key Description
Path: /settings/NSCA/client/targets/sample
Key: use ssl
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# ENABLE SSL ENCRYPTION
use ssl=

verify mode#

VERIFY MODE

Key Description
Path: /settings/NSCA/client/targets/sample
Key: verify mode
Default value: N/A
Sample key: Yes (This section is only to show how this key is used)
Used by: NSCAClient

Sample#

[/settings/NSCA/client/targets/sample]
# VERIFY MODE
verify mode=