Nagios Core User Guide
Overview
This guide covers the deployment and configuration of Nagios Core on Linux using cloudimg AMIs from the AWS Marketplace. Nagios Core is an open source infrastructure monitoring system that provides monitoring of servers, network devices, applications, and services. It alerts administrators when issues are detected and when they are resolved.
What's included in this AMI:
- Nagios Core 4.5.6 with web administration portal on port 80
- Apache HTTP Server for serving the Nagios web interface
- MySQL database for Nagios data storage
- Randomly generated Nagios admin and MySQL credentials
- OS package update script for keeping the system current
- AWS CLI v2 for AWS service integration
- Systems Manager Agent (SSM) for remote management
- CloudWatch Agent for monitoring
- Latest security patches applied at build time
- 24/7 cloudimg support with guaranteed 24 hour response SLA
Prerequisites
Before launching this AMI, ensure you have:
- An active AWS account
- An active subscription to the Nagios Core listing on AWS Marketplace
- An EC2 key pair for SSH access
- Familiarity with EC2 instance management and SSH
Recommended Instance Type: t3.small (2 vCPU, 2 GB RAM) or larger. The minimum requirements are 1 vCPU, 1 GB RAM, and 20 GB disk space.
Step 1: Launch the AMI
- Navigate to the AWS Marketplace and search for "Nagios Core cloudimg"
- Click Continue to Subscribe, accept the terms, then Continue to Configuration
- Select your preferred Region and Software Version
- Click Continue to Launch
- Choose Launch through EC2 for full control over instance configuration
- Select your instance type (
t3.smallrecommended) - Configure storage: 20 GB gp3 minimum
- Configure your Security Group with the following inbound rules:
| Port | Protocol | Source | Purpose |
|---|---|---|---|
| 22 | TCP | Your IP | SSH access |
| 80 | TCP | Your IP | Nagios administration portal |
Important: Restrict port 80 to trusted IP addresses only. The Nagios web interface provides full access to monitoring configuration.
- Select your EC2 key pair and launch the instance
Step 2: Connect via SSH
Once your instance is running and has passed both status checks (2/2), connect using SSH:
ssh -i your-key.pem ec2-user@<public-ip-address>
To switch to the root user:
sudo su -
Step 3: Retrieve Nagios Credentials
The Nagios administrator credentials have been randomly generated and stored on the instance:
Nagios admin password:
cat /stage/scripts/nagios-credentials.log
MySQL root password (used by Nagios for data storage):
cat /stage/scripts/mysql_root_password.log
Step 4: Access the Nagios Web Interface
The Apache HTTP server starts automatically on boot, making Nagios Core accessible immediately. Open your web browser and navigate to:
http://<public-ip-address>/nagios
You will see the Nagios login prompt. Enter:
- Username:
nagiosadmin - Password: The value from
/stage/scripts/nagios-credentials.log
After logging in, you will see the Nagios Core dashboard showing the daemon status, version information, and navigation menu on the left.
Step 5: Explore the Nagios Dashboard
The Nagios web interface provides several monitoring views:
Current Status: - Tactical Overview — High level summary of all monitored hosts and services - Map — Visual network topology map - Hosts — Status of all monitored hosts - Services — Status of all monitored services - Host Groups / Service Groups — Grouped views
Reports: - Availability — Uptime and availability reports - Trends — Performance trend analysis - Alerts — Alert history and summaries
System: - Comments / Downtime — Scheduled maintenance windows - Process Info — Nagios daemon status - Configuration — View current monitoring configuration
Adding a Host to Monitor
To add a new host for monitoring, create a configuration file:
sudo vi /usr/local/nagios/etc/objects/myserver.cfg
Example host configuration:
define host {
use linux-server
host_name web-server-01
alias Production Web Server
address 10.0.1.100
max_check_attempts 5
check_period 24x7
notification_interval 30
notification_period 24x7
}
define service {
use generic-service
host_name web-server-01
service_description PING
check_command check_ping!100.0,20%!500.0,60%
}
define service {
use generic-service
host_name web-server-01
service_description SSH
check_command check_ssh
}
Include the new configuration file in the main Nagios config:
echo "cfg_file=/usr/local/nagios/etc/objects/myserver.cfg" >> /usr/local/nagios/etc/nagios.cfg
Verify the configuration:
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Restart Nagios to apply changes:
systemctl restart nagios
Server Components
| Component | Install Path |
|---|---|
| Nagios Core | /usr/local/nagios |
Note: Component versions may be updated on first boot by the automatic OS package update script.
Filesystem Layout
| Mount Point | Size | Description |
|---|---|---|
| / | 38 GB | Root filesystem |
| /boot | 2 GB | Operating system kernel files |
Key Nagios directories:
| Directory | Purpose |
|---|---|
| /usr/local/nagios | Nagios installation root |
| /usr/local/nagios/etc | Configuration files |
| /usr/local/nagios/etc/objects | Host, service, and command definitions |
| /usr/local/nagios/bin | Nagios binaries |
| /usr/local/nagios/libexec | Check plugins |
| /usr/local/nagios/var | Runtime data and logs |
| /usr/local/nagios/share | Web interface files |
Managing Services
Nagios:
systemctl status nagios
systemctl stop nagios
systemctl start nagios
systemctl restart nagios
Apache HTTP Server:
systemctl status httpd
systemctl stop httpd
systemctl start httpd
Scripts and Log Files
| Script/Log | Path | Description |
|---|---|---|
| initial_boot_update.sh | /stage/scripts | Updates the OS with the latest packages on first boot |
| initial_boot_update.log | /stage/scripts | Output log for the boot update script |
| mysql_root_password.log | /stage/scripts | MySQL root database password |
| nagios-credentials.log | /stage/scripts | Nagios administrator credentials |
On Startup
An OS package update script runs on first boot to ensure the image is fully up to date. You can disable this by removing the script and its crontab entry:
rm -f /stage/scripts/initial_boot_update.sh
crontab -e
# Delete the following line, save and exit:
@reboot /stage/scripts/initial_boot_update.sh
Troubleshooting
Cannot access Nagios on port 80
- Verify Apache is running:
systemctl status httpd - Verify Nagios is running:
systemctl status nagios - Check your security group allows port 80 from your IP
- Check Apache error logs:
tail -f /var/log/httpd/error_log
Nagios configuration error after adding hosts
- Always verify before restarting:
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg - Check for syntax errors in the configuration file
- Ensure all referenced commands and templates exist
Notifications not being sent
- Check that notification commands are configured in
/usr/local/nagios/etc/objects/commands.cfg - Verify contact email addresses in
/usr/local/nagios/etc/objects/contacts.cfg - Ensure the mail service is configured on the instance
Cannot log in to Nagios web interface
- Verify credentials from
/stage/scripts/nagios-credentials.log - Reset the nagiosadmin password:
htpasswd /usr/local/nagios/etc/htpasswd.users nagiosadmin
Security Recommendations
- Change the nagiosadmin password after first login using
htpasswd - Restrict port access: Only allow port 80 from trusted IPs
- Enable HTTPS: Configure Apache with SSL for encrypted access to the monitoring console
- Secure credential files: Delete
/stage/scripts/nagios-credentials.logafter noting values - Use NRPE for remote checks: Install NRPE agent on monitored hosts for secure local checks
- Limit command execution: Restrict which external commands can be run through the web interface
- Keep Nagios updated: Apply security patches when available
- Monitor the monitor: Set up external health checks for the Nagios instance itself
Support
If you encounter any issues with this product, contact cloudimg support:
- Email: support@cloudimg.co.uk
- Website: www.cloudimg.co.uk
- Support hours: 24/7 with guaranteed 24 hour response SLA