Monitoring Fail2Ban with Nagios

From RVM Wiki
Revision as of 17:59, 11 April 2016 by Gabriele.vivinetto
  • Download the plugin:
sudo wget "https://raw.githubusercontent.com/fail2ban/fail2ban/master/files/nagios/check_fail2ban" -O /usr/local/lib/nagios/plugins/check_fail2ban
sudo chmod +x /usr/local/lib/nagios/plugins/check_fail2ban
  • Allow the nagios user to run it via sudo:
sudo visudo -f /etc/sudoers.d/check_fail2ban
nagios          ALL=(root) NOPASSWD: /usr/local/lib/nagios/plugins/check_fail2ban
  • Test:
sudo -u nagios sudo /usr/local/lib/nagios/plugins/check_fail2ban
CHECK FAIL2BAN ACTIVITY - CRITICAL - 12 detected jails with 88 current banned IP(s)

Local check

  • Define the local check_command:
sudoedit /etc/nagios-plugins/config/fail2ban.cfg
# check_fail2ban
define command{
        command_name    check_fail2ban
        command_line    /usr/bin/sudo /usr/local/lib/nagios/plugins/check_fail2ban -w $ARG1$ -c $ARG2$
}

# 'check_fail2ban_jail' command definition
define command{
    command_name    check_fail2ban_jail
    command_line    /usr/bin/sudo /usr/local/lib/nagios/plugins/check_fail2ban -p -j $ARG1$ -w $ARG2$ -c $ARG3$
}
  • Define the local service check:
define service{
    use                 generic-service
    host_name           hostname.example.com
    service_description FAIL2BAN
    check_command       check_fail2ban!200!250
}

NRPE check

  • Define the NRPE check commands:
sudoedit /etc/nagios/nrpe.d/check-fail2ban.cfg
command[check-fail2ban]=/usr/bin/sudo /usr/local/lib/nagios/plugins/check_fail2ban -p -D FAIL2BAN-GLOBAL -w 200 -c 250
  • Restart nrpe:
sudo /etc/init.d/nagios-nrpe-server restart
  • Define the service check via NRPE:
define service{
    use                 generic-service
    host_name           hostname.example.com
    service_description FAIL2BAN
    check_command       check-nrpe-check-fail2ban
}
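
The sudoers rule above matches one exact plugin path, so a command definition that calls sudo with any other path cannot run without a password, and a plugin file or directory that a non-root user can modify turns the rule into root access. The following is an added example (not part of the wiki page or of the fail2ban project) that checks both; the function names and the sample configuration in `audit_demo` are constructed for illustration, and `stat -c` assumes GNU coreutils.

```shell
#!/usr/bin/env bash
# Added example, not from the wiki page: audit the sudo-wrapped Nagios check.

# Print the command paths a sudoers file lets <user> run with NOPASSWD.
sudoers_allowed() {            # usage: sudoers_allowed <user> <sudoers-file>
    awk -v u="$1" '$1 == u && /NOPASSWD:/ {
        sub(/.*NOPASSWD:[ \t]*/, ""); n = split($0, cmds, /[ \t]*,[ \t]*/)
        for (i = 1; i <= n; i++) { split(cmds[i], w, /[ \t]+/); print w[1] }
    }' "$2"
}

# Print the program each Nagios/NRPE command definition runs via /usr/bin/sudo.
sudo_targets() {               # usage: sudo_targets <cfg-file>...
    awk '/^[ \t]*(command_line|command\[)/ {
        for (i = 1; i < NF; i++) if ($i ~ /(^|=)\/usr\/bin\/sudo$/) print $(i + 1)
    }' "$@"
}

# Print sudo targets the sudoers rule does not cover: sudo would require a
# password there, so the unattended check fails.
sudo_path_mismatches() {       # usage: sudo_path_mismatches <user> <sudoers> <cfg>...
    local user="$1" sudoers="$2"; shift 2
    sudo_targets "$@" | sort -u | while read -r target; do
        sudoers_allowed "$user" "$sudoers" | grep -qxF -- "$target" || echo "$target"
    done
}

# Succeed only if the plugin and its directory belong to the expected uid
# (0, root, by default) and are not writable by group or others.
plugin_is_locked_down() {      # usage: plugin_is_locked_down <path> [owner-uid]
    local path="$1" owner="${2:-0}" p
    for p in "$path" "$(dirname "$path")"; do
        [ "$(stat -c %u "$p")" = "$owner" ] || return 1
        case "$(stat -c %a "$p")" in *[2367]?|*[2367]) return 1 ;; esac
    done
}

# Constructed sample input: one sudoers rule and two command definitions,
# one of which calls a plugin path that the rule does not cover.
audit_demo() {
    local d; d=$(mktemp -d)
    printf '%s\n' 'nagios ALL=(root) NOPASSWD: /usr/local/lib/nagios/plugins/check_fail2ban' > "$d/sudoers"
    printf '%s\n' \
        'command_line /usr/bin/sudo /usr/lib/nagios/plugins/local/check_fail2ban -w $ARG1$ -c $ARG2$' \
        'command[check-fail2ban]=/usr/bin/sudo /usr/local/lib/nagios/plugins/check_fail2ban -p -w 200 -c 250' \
        > "$d/commands.cfg"
    sudo_path_mismatches nagios "$d/sudoers" "$d/commands.cfg"
    rm -rf "$d"
}
```

On a real host, run `sudo_path_mismatches nagios /etc/sudoers.d/check_fail2ban` followed by the command definition files as root (the sudoers file is not world-readable), and `plugin_is_locked_down /usr/local/lib/nagios/plugins/check_fail2ban`; empty output and a zero exit status mean both checks pass.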