Install and Configure Nagios Monitoring on Rocky Linux 9
Nagios is a widely used tool for monitoring the health and performance of servers, applications, and network services. It relies on plugins to perform routine checks on protocols and services like HTTP, SSH, disk space, and running processes. At the center of this system is Nagios Core, which is tasked with performing checks, managing the setup, and triggering notifications. When something goes wrong — like a system going offline or exceeding performance limits — Nagios Core sends out alerts.
This guide will walk you through setting up Nagios on a Rocky Linux server and configuring it to monitor services on a separate, remote machine.
Requirements
Before you start, make sure you have the following:
- A Rocky Linux server to act as your Nagios monitoring host. Use a non-root account with sudo access.
- An Ubuntu-based server to serve as the monitored client system.
Installing Nagios Core from Source
Since Nagios isn’t available in Rocky Linux 9’s standard software repositories, you’ll need to download and compile it manually. The steps below show how to set up Nagios Core and its required plugins.
Compiling Nagios Core
First, refresh the list of packages on your Rocky Linux server:
$ sudo dnf update -y
Next, install all required development tools and libraries to support the build process:
$ sudo dnf install gcc glibc glibc-common wget perl net-snmp openssl-devel make unzip gd gd-devel epel-release httpd php php-cli php-common php-gd -y
This will install the compilers, libraries, and tools required to build and run Nagios Core and its plugins.
Navigate to your user’s home folder:
$ cd ~
Create a new folder named nagios
to hold the source files:
$ mkdir nagios
Go into the newly created folder:
$ cd nagios
Download the most recent version of Nagios Core from its official site:
$ wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.5.9.tar.gz
If you don’t have the tar
utility installed, you can add it with the following command:
$ sudo dnf install tar -y
Unpack the compressed archive you downloaded earlier:
$ tar -xvf nagios-4.5.9.tar.gz
Move into the directory that contains the extracted Nagios Core source files:
$ cd nagios-4.5.9
Run the configuration script to prepare the system for compiling Nagios:
$ ./configure
Now build the binaries using the following command:
$ make all
Create a dedicated user and group on the system for running Nagios:
$ sudo make install-groups-users
You should see an output similar to this:
groupadd -r nagios
useradd -g nagios nagios
Lastly, add the Apache user to the Nagios group so that the web server can access Nagios files:
$ sudo usermod -a -G nagios apache
Installing and Configuring Nagios on Rocky Linux 9
Nagios Core includes the main binaries, configuration templates, and services that make its monitoring functions possible. The steps below show how to install and configure Nagios on a system running Rocky Linux 9.
Install Core Nagios Files
Start by installing the primary Nagios program files:
$ sudo make install
Next, install the init scripts which handle service management (starting, stopping, and restarting Nagios):
$ sudo make install-init
Install the module that allows Nagios to receive external commands via the web interface:
$ sudo make install-commandmode
Add the default set of configuration files for Nagios:
$ sudo make install-config
Install the Apache configuration file so that the Nagios web interface becomes available:
$ sudo make install-webconf
Check the Nagios configuration to confirm that it’s free of errors before launching the service:
$ sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
Expected output will show no warnings or errors:
...
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight check
Create a user named centron-admin
who will be used to access the Nagios web dashboard. You’ll be asked to set a password:
$ sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users centron
-admin
The system will return something like this after setting the password:
Adding password for user centron
-admin
Allow Apache to read the user credentials by assigning ownership of the file to the apache
and nagios
groups:
$ sudo chown apache:nagios /usr/local/nagios/etc/htpasswd.users
This change gives Apache the permissions it needs to access the Nagios authentication file.
Now start the Nagios service for the first time:
$ sudo systemctl start nagios
The output should show a symbolic link being created, indicating Nagios is active:
Created symlink /etc/systemd/system/multi-user.target.wants/nagios.service → /usr/lib/systemd/system/nagios.service.
Enable Nagios so it starts automatically when the server boots up:
$ sudo systemctl enable nagios
Check the current status of the Nagios service to confirm it’s running properly:
$ sudo systemctl status nagios
You should see output that shows the service is active, like this:
● nagios.service - Nagios Core 4.5.9
Loaded: loaded (/usr/lib/systemd/system/nagios.service; enabled; preset: disabled)
Active: active (running) since Sun 2025-02-16 06:05:12 UTC; 14s ago
Docs: https://www.nagios.org/documentation
Main PID: 74321 (nagios)
Tasks: 6 (limit: 23116)
Memory: 5.9M
CPU: 321ms
Firewall and Apache Configuration
Permit HTTP traffic through the firewall on port 80:
$ sudo firewall-cmd --add-service=http --permanent
The command should return a confirmation message:
success
Reload the firewall so that the new rule takes effect:
$ sudo firewall-cmd --reload
Ensure Apache is set to launch automatically at system startup:
$ sudo systemctl enable httpd
Finally, restart both Nagios and Apache to apply your changes and complete the installation:
$ sudo systemctl restart nagios httpd
Installing Nagios Plugins
Nagios plugins are essential for enabling Nagios to monitor hosts, services, and other system resources. Each plugin is a script or binary that performs a check on a specific target and then sends the result back to the Nagios core. Follow these instructions to install the plugins on your system.
First, go to the Nagios directory you previously created:
$ cd ~/nagios/
Then, download the latest version of the Nagios plugins from the official website:
$ wget https://nagios-plugins.org/download/nagios-plugins-2.4.11.tar.gz
Extract the contents of the downloaded archive file:
$ tar -xvf nagios-plugins-2.4.11.tar.gz
Navigate into the directory that contains the extracted plugin source files:
$ cd nagios-plugins-2.4.11
Run the configuration script to prepare the build process for the plugins:
$ ./configure
Compile the plugins using the following command:
$ make
Once the compilation is complete, install the plugins onto your system:
$ sudo make install
Restart both the Nagios service and Apache web server so the changes take effect:
$ sudo systemctl restart nagios httpd
Accessing the Nagios Web Monitoring Interface
Use the following instructions to open and log in to the Nagios web interface by connecting through your server’s public IP address.
In your browser, open a new tab and go to the following URL:
http://<your-server-ip>/nagios
Be sure to replace <your-server-ip>
with the actual IP address assigned to your Rocky Linux machine.
Once the page loads, log in using the username centron
-admin
and the password you previously set up. After signing in, you’ll be taken to the main Nagios dashboard interface.
On the left-hand menu of the dashboard, click on Tactical Overview. This section provides a quick summary of monitored systems, service statuses, overall monitoring performance, and any current alerts.
To view historical data and notifications, click on Event Log. This section shows records of past alerts, outages, and when systems recovered.
Monitoring Remote Hosts with Nagios
Nagios can keep track of various devices on the network, such as servers and routers, by identifying them as hosts. To extend its monitoring abilities beyond the local server, Nagios uses NRPE (Nagios Remote Plugin Executor). This component allows Nagios to execute checks on remote machines and receive information like performance data and resource usage even when direct access isn’t available.
Install Nagios Plugins on a Remote Machine
Before monitoring a remote device, NRPE must be installed and configured. NRPE listens for connections from the Nagios server and runs checks upon request. Here’s how to prepare the remote machine:
Update the package index:
$ sudo apt update
Install NRPE and the necessary Nagios plugins:
$ sudo apt install -y nagios-nrpe-server nagios-plugins nagios-plugins-basic nagios-nrpe-plugin
Open the NRPE configuration file with a text editor:
$ sudo vi /etc/nagios/nrpe.cfg
Find the allowed_hosts
line and include the Nagios server’s IP address:
allowed_hosts=127.0.0.1,::1,<nagios-server-ip>
Replace <nagios-server-ip>
with your Nagios server’s actual IP address.
Start the NRPE service:
$ sudo systemctl start nagios-nrpe-server
Enable NRPE to start at system boot:
$ sudo systemctl enable nagios-nrpe-server
Check the status of the NRPE service to confirm it’s running:
$ sudo systemctl status nagios-nrpe-server
Sample output might include:
● nagios-nrpe-server.service - Nagios Remote Plugin Executor
Loaded: loaded (/usr/lib/systemd/system/nagios-nrpe-server.service; enabled; preset: enabled)
Active: active (running) since Sun 2025-02-16 06:46:33 UTC; 4min 23s ago
Docs: http://www.nagios.org/documentation
Main PID: 2726 (nrpe)
Tasks: 1 (limit: 4607)
Memory: 1.0M (peak: 1.2M)
CPU: 7ms
To check the firewall status:
$ sudo ufw status
If UFW is inactive, allow SSH and enable it:
$ sudo ufw allow ssh && sudo ufw enable
Allow NRPE traffic on port 5666:
$ sudo ufw allow 5666/tcp
Output should confirm the rule was added:
Rule added
Rule added (v6)
Reload the firewall to apply changes:
$ sudo ufw reload
Output should confirm the firewall was reloaded:
Firewall reloaded
Configure the Nagios Server to Monitor Remote Hosts
To enable your Nagios server to gather data from the remote machine, you need to install the NRPE plugin and adjust some configuration files.
Install the NRPE plugin on the Nagios server:
$ sudo dnf install -y nagios-plugins-nrpe
Open the Nagios command definitions file:
$ sudo vi /usr/local/nagios/etc/objects/commands.cfg
Add the following definition to create a custom command for NRPE checks:
define command {
command_name check_nrpe
command_line /usr/lib64/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}
Define NRPE Command and Remote Host in Nagios
This command definition lets the Nagios server communicate with the NRPE agent on a remote machine, run specific monitoring plugins, and gather their results.
After adding the command, save and exit the configuration file.
Here’s what the configuration parameters mean:
- command_name: This is the internal label (
check_nrpe
) that Nagios will use to reference the command. - command_line: The actual command Nagios runs, where:
/usr/lib64/nagios/plugins/check_nrpe
executes the NRPE plugin.-H $HOSTADDRESS$
specifies the target host IP address.-c $ARG1$
defines the plugin command that will be run on the remote system.
The NRPE service uses port 5666
. You need to open this port on the firewall to allow communication from the Nagios server:
$ sudo firewall-cmd --add-port=5666/tcp --permanent
If successful, the command will return:
success
To apply the changes, reload the firewall configuration:
$ sudo firewall-cmd --reload
Now create a configuration file for the remote host:
$ sudo vi /usr/local/nagios/etc/objects/hosts.cfg
Start by defining a contact who will receive alerts related to the host or its services:
define contact {
use generic-contact
contact_name centron-admin
alias Centron Admin
email centronadmin@example.com
}
Explanation of the contact configuration:
- use generic-contact: Inherits default settings from a predefined template.
- contact_name: Internal identifier for the contact.
- alias: A descriptive label for display purposes.
- email: The address where Nagios sends alert notifications.
Next, define the remote host that Nagios will monitor:
define host {
use linux-server
host_name centron-example
address
max_check_attempts 5
check_period 24x7
notification_interval 30
notification_period 24x7
}
Here’s what the host configuration means:
- use linux-server: Applies default Linux host settings from a template.
- host_name: Unique name to identify the monitored device.
- address: The IP address of the remote host (replace
<ip-address>
with the actual IP). - max_check_attempts: Number of retries before the host is considered down.
- check_period: Time window when checks are performed (24/7 in this case).
- notification_interval: Interval in minutes for sending repeated notifications during an issue.
- notification_period: Time period in which Nagios is allowed to send notifications (set to 24/7).
Defining Services to Monitor
To monitor specific services, you can add multiple service definitions. Below are examples for monitoring SSH, system load, and total processes.
Monitor SSH:
define service {
use generic-service
host_name centron
-example service_description SSH check_command check_ssh max_check_attempts 3 check_interval 2 retry_interval 1 }
Monitor system load using NRPE:
define service {
use generic-service
host_name centron
-example service_description System Load check_command check_nrpe!check_load max_check_attempts 5 check_interval 2 retry_interval 1 }
Monitor total running processes using NRPE:
define service {
use generic-service
host_name centron
-example service_description Total Processes check_command check_nrpe!check_total_procs max_check_attempts 5 check_interval 2 retry_interval 1 }
After making the changes, save and close the configuration file.
Open the Nagios main config file:
$ sudo vi /usr/local/nagios/etc/nagios.cfg
Add this line to include the remote host config:
# Definitions for monitoring remote host
cfg_file=/usr/local/nagios/etc/objects/hosts.cfg
Save and close the file.
Validate the Nagios configuration to ensure everything is correct:
$ sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
You should see output similar to this:
...
Total Warnings: 0
Total Errors: 0
Things look okay - No serious problems were detected during the pre-flight check
Restart Nagios to apply the new configuration:
$ sudo systemctl restart nagios
Verify Remote Host and Service Monitoring
To confirm that the remote host and its services are being monitored correctly, open the Nagios web interface and use the built-in dashboard features.
From the side menu, click on Hosts. The newly added remote system should be listed. If everything is working properly, its status should show as UP, indicating that the Nagios server can reach the host successfully.
Click the hostname (e.g., centron
-example
) to access the Host State Information page. This section displays detailed status information for the selected host.
To see which services are being monitored for the host, click View Status Detail For This Host on the same page. Services that are functioning normally will display an OK status.
Note: Some services may initially appear as PENDING because of the defined check intervals. This is normal. The status will update automatically after the next scheduled check.
To see all services monitored by Nagios, go to the Services section in the side menu. This list includes services on both the local Rocky Linux host (localhost) and the remote system (e.g., centron
-example).
Conclusion
You’ve now successfully set up Nagios on Rocky Linux, installed the necessary plugins, and configured monitoring for a remote host. With Nagios actively monitoring, you can scale your setup by adding more devices and service checks as needed.
For even more comprehensive monitoring, consider installing NRPE on additional remote systems and defining custom plugins based on your infrastructure. For detailed guidance, refer to the official Nagios documentation.