RADIUS Monitoring tool

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Feb 25 23:48:00 CET 2015


> On 25 Feb 2015, at 17:24, Matthew Newton <mcn4 at leicester.ac.uk> wrote:
> 
> On Wed, Feb 25, 2015 at 01:44:05PM -0500, Arran Cudbard-Bell wrote:
>> 
>>> On 25 Feb 2015, at 12:29, A.L.M.Buxey at lboro.ac.uk wrote:
>>> 
>>> we use NAGIOS and have some local eapol_test scripts
>>> formonitor/alerts and use'monit' to check status of the radius
>>> process and restart it when dead
>> 
>> You don't need a monitoring solution.
> 
> What planet are you visiting from? ;-)

I meant for solving that particular issue :P

> Maybe this would be ok, though:
> 
>  sql {
>  	fail = 1
>  }
>  if (fail) {
>  	do_not_respond
>    send_admin_emails_until_this_broken_mess_is_fixed
>  }

You just scrape the logs from the NAS looking for "can't contact RADIUS server messages" :)

>> Do that for all modules critical to authentication.
> 
> It fixes the problem of NASes hanging onto a RADIUS server that's
> broken, sure. But doesn't help you know that you need to fix it!
> 
> OTOH, anything but monit. My experiences has been along the lines
> of "is that service running? Oh great, let's restart it just in
> case." Hence replaced by a very small shell script!

Oh pfft. Monit works fine... ish. Munin is a fun one, i've had one hung RADIUS instance take down all monitoring for the box. I guess thats our fault though, for not implementing a read timeout in radmin.

Suppose I should go and fix that *grumble*.

-Arran

> 
> Cheers,
> 
> Matthew
> 
> 
> --
> Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
> 
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
> 
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150225/e8129801/attachment-0001.sig>


More information about the Freeradius-Users mailing list