cd_nrpe | Parameters

[s2If current_user_can(access_s2member_level1)]

• pkg_ensure (string) (defaults to: 'latest') —

  which package type to choose, i.e. latest or present.

• ne_log_facility (string) (defaults to: 'daemon') —

  the log facility to use.

• ne_log_file (string) (defaults to: '') —

  If a log file is specified in this option, nrpe will write to that file instead of using syslog. i.e. /var/run/nrpe.log

• ne_debug (string) (defaults to: '0') —

  Whether debugging messages are logged to the syslog facility.

• ne_nrpe_port (string) (defaults to: '5666') —

  the NRPE port. used in firewall ( optional) and configuration file.

• ne_listen_queue_size (string) (defaults to: '5') —

  Listen queue size (backlog) for serving incoming connections.

• ne_nagios_server (string) (defaults to: $::nagios_server) —

  ipaddress of the nagios server to be allowed to connect to NRPE service. Default is to look up a global parameter from ENC.

• ne_dont_blame_nrpe (string) (defaults to: '1') —

  whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.

• ne_allow_bash_cmd_subst (string) (defaults to: '1') —

  whether or not the NRPE daemon will allow clients to specify arguments that contain bash command substitutions of the form $(…).

• ne_allow_sudo (boolean) (defaults to: true) —

  Whether to allow sudo access. used in nrpe.cfg as well as for creating a sudo role.

• ne_command_prefix (string) (defaults to: '/usr/bin/sudo') —

  allows you to prefix all commands with a user-defined string.

• ne_incl_fw (string) (defaults to: true) —

  Whether to include firewall rules

• ne_command_timeout (string) (defaults to: '60') —

  maximum number of seconds that the NRPE daemon will allow plugins to finish executing before killing them off.

• ne_connection_timeout (string) (defaults to: '300') —

  maximum number of seconds that the NRPE daemon will wait for a connection to be established before exiting.

• ne_ssl_version (string) (defaults to: 'TLSv2+') —

  These directives allow you to specify how to use SSL/TLS.

• ne_ssl_use_adh (string) (defaults to: '1') —

  This is for backward compatibility and is DEPRECATED. Set to 1 to enable ADH or 2 to require ADH. 1 is currently the default but will be changed in a later version.

• ne_ssl_cipher_list (string) (defaults to: 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH') —

  ciphers can be used. For backward compatibility, this defaults to ‘ssl_cipher_list=ALL:!MD5:@STRENGTH’ in this version but will be changed in a later version of NRPE.

• ne_ssl_cacert_file (string) (defaults to: '/etc/pki/tls/certs/ca-chain.crt.pem') —

  path and name of the ssl certificate authority (ca) file / chain. must be full path.

• ne_ssl_cert_file (string) (defaults to: "/etc/pki/tls/certs/${::fqdn}.crt.pem") —

  path and name of the server ssl certificate. must include full path.

• ne_ssl_privatekey_file (string) (defaults to: "/etc/pki/tls/private/${::fqdn}.key.pem") —

  path and name of the server ssl private key. Must include full path.

• ne_ssl_client_certs (string) (defaults to: '2') —

  determines client certificate usage. Values: 0 = Don’t ask for or require client certificates 1 = Ask for client certificates 2 = Require client certificates

• ne_ssl_logging (string) (defaults to: '0x00') —

  determines which SSL messages are send to syslog. OR values together to specify multiple options. Values: 0x00 (0) = No additional logging (default) 0x01 (1) = Log startup SSL/TLS parameters 0x02 (2) = Log remote IP address 0x04 (4) = Log SSL/TLS version of connections 0x08 (8) = Log which cipher is being used for the connection 0x10 (16) = Log if client has a certificate 0x20 (32) = Log details of client’s certificate if it has one -1 or 0xff or 0x2f = All of the above

• ne_nasty_metachars (array) (defaults to: ["|`&><'\\[]{};\r\n"]) —

  list of characters that cannot

• ne_include_file (string) (defaults to: '') —

  include definitions from an external config file.

• ne_fw_order_no (string) (defaults to: '50') —

  ordering prefix for he firewall rules. Adjust to your environment if needed.

• ne_ssl_opts (string) (defaults to: '') —

  Specify additional SSL options.

• ne_user (string) (defaults to: 'nrpe') —

  the NRPE service user

• ne_user_comment (string) (defaults to: 'NRPE service user') —

  The comment for the service user /etc/passwd

• ne_user_uid (string) (defaults to: '1005') —

  the UID for the service user

• ne_user_home (string) (defaults to: '/var/run/nrpe') —

  the home for the service user

• ne_user_shell (string) (defaults to: '/sbin/nologin') —

  the shell for the service user.

• ne_user_groups (string) (defaults to: undef) —

  additional groups for the service user.

• ne_server_address (string) (defaults to: '0.0.0.0') —

  the network interfaces to listen on

• ne_allow_weak_rnd_seed (string) (defaults to: '1') —

  Whether to allow weak random seeds

• ne_include_selinux (string) (defaults to: true) —

  Whether to manage selinux

• ne_enable_ssl (boolean) (defaults to: false) —

  Whether to enable SSL certificates.

• ne_manage_cmds (boolean) (defaults to: true) —

  Whether to manage command rules for NRPE checks, to allow dynamic check & command rules.

  Parameters in defines

• ne_check_cmd (string) (defaults to: undef) —

  Specify the check_command to use.

• ne_cmd_path (string) (defaults to: '/usr/lib64/nagios/plugins/') —

  The path to the command scripts, usually where the nagis_plugins are located. If you use your own scripts, specify the custom location including the trailing slash

• ne_cmd_argstring (Any) (defaults to: undef) —

  Specify the string of valid argument for the command , i.e. -w $ARG1$ -c $ARG2$. See the arguments in th eman pages for the checks.

• ne_cmd_comment (string) (defaults to: '') —

  Specify an optional comment for your command definition

[/s2If]

[s2If !current_user_can(access_s2member_level1)]

• pkg_ensure (string) (defaults to: 'latest') —

  which package type to choose, i.e. latest or present.

• ne_log_facility (string) (defaults to: 'daemon') —

  the log facility to use.

• ne_log_file (string) (defaults to: '') —

  If a log file is specified in this option, nrpe will write to that file instead of using syslog. i.e. /var/run/nrpe.log

• ne_debug (string) (defaults to: '0') —

  Whether debugging messages are logged to the syslog facility.

• ne_nrpe_port (string) (defaults to: '5666') —

  the NRPE port. used in firewall ( optional) and configuration file.

• ne_listen_queue_size (string) (defaults to: '5') —

  Listen queue size (backlog) for serving incoming connections.

• ne_nagios_server (string) (defaults to: $::nagios_server) —

  ipaddress of the nagios server to be allowed to connect to NRPE service. Default is to look up a global parameter from ENC.

• ne_dont_blame_nrpe (string) (defaults to: '1') —

  whether or not the NRPE daemon will allow clients to specify arguments to commands that are executed.

• ne_allow_bash_cmd_subst (string) (defaults to: '1') —

  whether or not the NRPE daemon will allow clients to specify arguments that contain bash command substitutions of the form $(…).

• ne_allow_sudo (boolean) (defaults to: true) —

  Whether to allow sudo access. used in nrpe.cfg as well as for creating a sudo role.

• ne_command_prefix (string) (defaults to: '/usr/bin/sudo') —

  allows you to prefix all commands with a user-defined string.

• ne_incl_fw (string) (defaults to: true) —

  Whether to include firewall rules

• ne_command_timeout (string) (defaults to: '60') —

  maximum number of seconds that the NRPE daemon will allow plugins to finish executing before killing them off.

• ne_connection_timeout (string) (defaults to: '300') —

  maximum number of seconds that the NRPE daemon will wait for a connection to be established before exiting.

• ne_ssl_version (string) (defaults to: 'TLSv2+') —

  These directives allow you to specify how to use SSL/TLS.

• ne_ssl_use_adh (string) (defaults to: '1') —

  This is for backward compatibility and is DEPRECATED. Set to 1 to enable ADH or 2 to require ADH. 1 is currently the default but will be changed in a later version.

• ne_ssl_cipher_list (string) (defaults to: 'ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!RC4:!MD5:@STRENGTH') —

  ciphers can be used. For backward compatibility, this defaults to ‘ssl_cipher_list=ALL:!MD5:@STRENGTH’ in this version but will be changed in a later version of NRPE.

• ne_ssl_cacert_file (string) (defaults to: '/etc/pki/tls/certs/ca-chain.crt.pem') —

  path and name of the ssl certificate authority (ca) file / chain. must be full path.

• ne_ssl_cert_file (string) (defaults to: "/etc/pki/tls/certs/${::fqdn}.crt.pem") —

  path and name of the server ssl certificate. must include full path.

• ne_ssl_privatekey_file (string) (defaults to: "/etc/pki/tls/private/${::fqdn}.key.pem") —

  path and name of the server ssl private key. Must include full path.

• ne_ssl_client_certs (string) (defaults to: '2') —

  determines client certificate usage. Values: 0 = Don’t ask for or require client certificates 1 = Ask for client certificates 2 = Require client certificates

• ne_ssl_logging (string) (defaults to: '0x00') —

  determines which SSL messages are send to syslog. OR values together to specify multiple options. Values: 0x00 (0) = No additional logging (default) 0x01 (1) = Log startup SSL/TLS parameters 0x02 (2) = Log remote IP address 0x04 (4) = Log SSL/TLS version of connections 0x08 (8) = Log which cipher is being used for the connection 0x10 (16) = Log if client has a certificate 0x20 (32) = Log details of client’s certificate if it has one -1 or 0xff or 0x2f = All of the above

• ne_nasty_metachars (array) (defaults to: ["|`&><'\\[]{};\r\n"]) —

  list of characters that cannot

• ne_include_file (string) (defaults to: '') —

  include definitions from an external config file.

• ne_fw_order_no (string) (defaults to: '50') —

  ordering prefix for he firewall rules. Adjust to your environment if needed.

• ne_ssl_opts (string) (defaults to: '') —

  Specify additional SSL options.

• ne_user (string) (defaults to: 'nrpe') —

  the NRPE service user

• ne_user_comment (string) (defaults to: 'NRPE service user') —

  The comment for the service user /etc/passwd

• ne_user_uid (string) (defaults to: '1005') —

  the UID for the service user

• ne_user_home (string) (defaults to: '/var/run/nrpe') —

  the home for the service user

• ne_user_shell (string) (defaults to: '/sbin/nologin') —

  the shell for the service user.

• ne_user_groups (string) (defaults to: undef) —

  additional groups for the service user.

• ne_server_address (string) (defaults to: '0.0.0.0') —

  the network interfaces to listen on

• ne_allow_weak_rnd_seed (string) (defaults to: '1') —

  Whether to allow weak random seeds

• ne_include_selinux (string) (defaults to: true) —

  Whether to manage selinux

• ne_enable_ssl (boolean) (defaults to: false) —

  Whether to enable SSL certificates.

• ne_manage_cmds (boolean) (defaults to: true) —

  Whether to manage command rules for NRPE checks, to allow dynamic check & command rules.

  Parameters in defines

• ne_check_cmd (string) (defaults to: undef) —

  Specify the check_command to use.

• ne_cmd_path (string) (defaults to: '/usr/lib64/nagios/plugins/') —

  The path to the command scripts, usually where the nagis_plugins are located. If you use your own scripts, specify the custom location including the trailing slash

• ne_cmd_argstring (Any) (defaults to: undef) —

  Specify the string of valid argument for the command , i.e. -w $ARG1$ -c $ARG2$. See the arguments in th eman pages for the checks.

• ne_cmd_comment (string) (defaults to: '') —

  Specify an optional comment for your command definition

[/s2If]