summaryrefslogtreecommitdiff
path: root/puppet/modules/nagios/files/nsca/nsca.cfg
blob: 0b019ea1897fa25a1ad845cd5b02690fd12fa11b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
# This file is managed by Puppet.
#
####################################################
# Sample NSCA Daemon Config File 
# Written by: Ethan Galstad (nagios@nagios.org)
# 
# Last Modified: 04-03-2006
####################################################


# PID FILE
# The name of the file in which the NSCA daemon should write it's process ID
# number.  The file is only written if the NSCA daemon is started by the root
# user as a single- or multi-process daemon.

pid_file=/var/run/nsca.pid



# PORT NUMBER
# Port number we should wait for connections on.
# This must be a non-priveledged port (i.e. > 1024).

server_port=5667



# SERVER ADDRESS
# Address that NSCA has to bind to in case there are
# more as one interface and we do not want NSCA to bind
# (thus listen) on all interfaces.

#server_address=192.168.1.1



# NSCA USER
# This determines the effective user that the NSCA daemon should run as.  
# You can either supply a username or a UID.
# 
# NOTE: This option is ignored if NSCA is running under either inetd or xinetd

nsca_user=nagios



# NSCA GROUP
# This determines the effective group that the NSCA daemon should run as.  
# You can either supply a group name or a GID.
# 
# NOTE: This option is ignored if NSCA is running under either inetd or xinetd

nsca_group=nogroup



# NSCA CHROOT
# If specified, determines a directory into which the nsca daemon
# will perform a chroot(2) operation before dropping its privileges.
# for the security conscious this can add a layer of protection in
# the event that the nagios daemon is compromised.  
# 
# NOTE: if you specify this option, the command file will be opened
#       relative to this directory.

#nsca_chroot=/var/run/nagios/rw



# DEBUGGING OPTION
# This option determines whether or not debugging
# messages are logged to the syslog facility. 
# Values: 0 = debugging off, 1 = debugging on

debug=0



# COMMAND FILE
# This is the location of the Nagios command file that the daemon
# should write all service check results that it receives.
# Note to debian users: nagios 1.x and nagios 2.x have
# different default locations for this file.  this is the
# default location for nagios 1.x:
#command_file=/var/run/nagios/nagios.cmd
# and this is the default location for nagios2:
#command_file=/var/lib/nagios2/rw/nagios.cmd
# and this is the default location for nagios3:
command_file=/var/lib/nagios3/rw/nagios.cmd

# ALTERNATE DUMP FILE
# This is used to specify an alternate file the daemon should
# write service check results to in the event the command file
# does not exist.  It is important to note that the command file
# is implemented as a named pipe and only exists when Nagios is
# running.  You may want to modify the startup script for Nagios
# to dump the contents of this file into the command file after
# it starts Nagios.  Or you may simply choose to ignore any
# check results received while Nagios was not running...

alternate_dump_file=/var/run/nagios/nsca.dump


# AGGREGATED WRITES OPTION
# This option determines whether or not the nsca daemon will
# aggregate writes to the external command file for client
# connections that contain multiple check results.  If you
# are queueing service check results on remote hosts and
# sending them to the nsca daemon in bulk, you will probably
# want to enable bulk writes, as this will be a bit more
# efficient.
# Values: 0 = do not aggregate writes, 1 = aggregate writes

aggregate_writes=0



# APPEND TO FILE OPTION
# This option determines whether or not the nsca daemon will
# will open the external command file for writing or appending.
# This option should almost *always* be set to 0!
# Values: 0 = open file for writing, 1 = open file for appending

append_to_file=0



# MAX PACKET AGE OPTION
# This option is used by the nsca daemon to determine when client
# data is too old to be valid.  Keeping this value as small as
# possible is recommended, as it helps prevent the possibility of
# "replay" attacks.  This value needs to be at least as long as
# the time it takes your clients to send their data to the server.
# Values are in seconds.  The max packet age cannot exceed 15
# minutes (900 seconds).  If this variable is set to zero (0), no
# packets will be rejected based on their age.

max_packet_age=30



# DECRYPTION PASSWORD
# This is the password/passphrase that should be used to descrypt the
# incoming packets.  Note that all clients must encrypt the packets
# they send using the same password!
# IMPORTANT: You don't want all the users on this system to be able
# to read the password you specify here, so make sure to set
# restrictive permissions on this config file!

#password=



# DECRYPTION METHOD
# This option determines the method by which the nsca daemon will
# decrypt the packets it receives from the clients.  The decryption
# method you choose will be a balance between security and performance,
# as strong encryption methods consume more processor resources.
# You should evaluate your security needs when choosing a decryption
# method.
#
# Note: The decryption method you specify here must match the
#       encryption method the nsca clients use (as specified in
#       the send_nsca.cfg file)!!
# Values:
#
# 	0 = None	(Do NOT use this option)
#       1 = Simple XOR  (No security, just obfuscation, but very fast)
#
#       2 = DES
#       3 = 3DES (Triple DES)
#	4 = CAST-128
#	5 = CAST-256
#	6 = xTEA
#	7 = 3WAY
#	8 = BLOWFISH
#	9 = TWOFISH
#	10 = LOKI97
#	11 = RC2
#	12 = ARCFOUR
#
#	14 = RIJNDAEL-128
#	15 = RIJNDAEL-192
#	16 = RIJNDAEL-256
#
#	19 = WAKE
#	20 = SERPENT
#
#	22 = ENIGMA (Unix crypt)
#	23 = GOST
#	24 = SAFER64
#	25 = SAFER128
#	26 = SAFER+
#

decryption_method=1