Enhancement suggestion: List defined commands on nrpe-client

[dan-m-joh]

It would be great to have a possibility to list all defined commands (comand[xy]=...) on the client.

Something like this:

nagios@server$ check_nrpe -H clienthost -v
Defined commands:
    check_load
    check_disk_sda
    check_disk_sdb

Of cause all the normal security "features" for the client should be observed.

Regards, D/\N

[ericloyd]

Why not write a script that does just that and parses the config file as a one line awk command? You need to make sure it's all one line output to capture and display properly within Nagios.

[dan-m-joh]

Yes, I have a "one-liner" that does that - BUT that implies that I have a login on the Client and in our environment I do not always have that. The clients are managed by an other team and I often get request like "Add host xyz to nagios". They have installed and configured nrpe, but they often (95% of the time) forgets to tell us which checks they have implemented and we have to get back to them and ask for the config. It would be sooo much easier to be able to list the configured checks from the server.

[ericloyd]

You have a login: your NRPE server. It can read it's own config file and display output as part of a checj.

[dan-m-joh]

Yes, that's true, but then I have to write a check (which is the easy part) and distribute it to all the new Hosts (which is the really hard part). It would be easier if this was "integrated" in the daemon.

[ericloyd]

So, from a security standpoint, if you and a customer share access to NRPE, but you don't manage the config file, why should you (Nagios server) be authorized to know what's in the config file? This may not he your specific case, but I can see where having NRPE report back the config file contents could be considered a security risk.

[dan-m-joh]

Yes, I agree with you on that point, but it would (for us at least) ease the configuration. And that is why it should not return the complete configuration, only the configured check-names.

[ericloyd]

I'm generally against the idea of building finctionality into NRPE that can be provided by scripts run by NRPE. However, I can see this going both ways though. Perhaps with a server flag added that enabled the ability and having it disabled by default. I could support that idea.

[dan-m-joh]

Yes, I can certainly live with that. THX

[ericloyd]

Don't thank me; I'm just a user like you, not a Nagios developer. :-)

I may think about submitting some code but I'm on vacation this week so not until after the First.