10. Using samhain with nagios

After running ./configure , you will find the script check_samhain.pl in the subdirectory scripts/ of the samhain distribution, which you can copy to the nagios libexec/ directory. Before doing so, you may want to edit the script to set the correct path to the libexec/ directory in the following line:

      use lib "/usr/local/nagios/libexec";
      

The following recipe to use this script has been kindly provided by kiarna:

Nagios runs as user 'nagios'. However, in order to check the filesystem, you typically want to run samhain as 'root'. You can use sudo to fix this problem. In your /etc/sudoers file, add the line:

	nagios ALL = NOPASSWD:/path/to/check_samhain
      

Next, add the service to the nagios file objects/commands.cfg:

	# 'check_samhain' command definition 
	define command{ 
	command_name check_samhain
	command_line /usr/bin/sudo -u root $USER1$/check_samhain -t 100 
      }

Another option would be to install the check_samhain script with SUID permissions instead of using sudo (this requires that the suidperl package is installed and that samhain has been compiled with ./configure --enable-suid ...

	# 'check_samhain' command definition 
	define command{ 
	command_name check_samhain
	command_line $USER1$/check_samhain -t 100 
	}
      

Checking the filesystem may take some time, so you may want to increase the nagios plugin timeout by changing the following line in nagios.cfg from 60 to 600:

      service_check_timeout=600

Then add the service to the appropriate section in the nagios service.cfg file.