<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>System Monitoring How To</title>
	<atom:link href="http://systemmonitoringhowto.com/feed/" rel="self" type="application/rss+xml" />
	<link>http://systemmonitoringhowto.com</link>
	<description>Monitoring Corporate and Private Systems</description>
	<lastBuildDate>Sat, 24 Dec 2011 18:39:50 +0000</lastBuildDate>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.3.2</generator>
		<item>
		<title>Seagate Expansion external hard drive and removing STANDBY mode</title>
		<link>http://systemmonitoringhowto.com/2011/09/seagate-expansion-external-hard-drive-and-removing-standby-mode/</link>
		<comments>http://systemmonitoringhowto.com/2011/09/seagate-expansion-external-hard-drive-and-removing-standby-mode/#comments</comments>
		<pubDate>Sun, 25 Sep 2011 18:22:13 +0000</pubDate>
		<dc:creator>Mikhail Kniaziewicz</dc:creator>
				<category><![CDATA[Discussion]]></category>

		<guid isPermaLink="false">http://systemmonitoringhowto.com/?p=40</guid>
		<description><![CDATA[A problem associated with several brands of external hard drives is their settings. One setting in particular is the STANDBY mode. STANDBY mode is a resource saving mode, so the external USB drive does not consume power and kernel resources during periods of inactivity. The easiest way to disable the STANDBY mode is to attach [...]]]></description>
			<content:encoded><![CDATA[<p><a href="http://systemmonitoringhowto.com/wp-content/uploads/2011/09/Me1.jpg"><img src="http://systemmonitoringhowto.com/wp-content/uploads/2011/09/Me1-150x150.jpg" alt="" title="Sysmonadmin" width="80" height="80" class="alignleft size-thumbnail wp-image-53" /></a> A problem associated with several brands of external hard drives is their settings. One setting in particular is the STANDBY mode. STANDBY mode is a resource saving mode, so the external USB drive does not consume power and kernel resources during periods of inactivity. The easiest way to disable the STANDBY mode is to attach the NTFS formatted device to a Windows server, open the device&#8217;s management console, and disable the STANDBY setting. What if you have already attached the device to the Linux server?</p>
<p>The tool for working with USB devices is sdparm. In CentOS and RedHat you can obtain the version of sdparm compatible with your architecture using YUM. To find the package run: `sudo yum list \*sdparm\*`. The hardware I am using is i386, so the package returned is: sdparm.i386. Run: `sudo yum install sdparm.i386` to install the package.</p>
<p>To view the parameters of the device run: `sudo sdparm -a /dev/(device name for the USB disk)`.</p>
<pre>sudo sdparm -a /dev/sdb

    /dev/sdb: Seagate   Desktop           0130

Power condition mode page:

PM_BG       		0  	[cha: n, def:  0, sav:  0]

STANDBY_Y   	0  	[cha: n, def:  0, sav:  0]

IDLE_C      		0  	[cha: n, def:  0, sav:  0]

IDLE_B      		0  	[cha: n, def:  0, sav:  0]

IDLE        		0  	[cha: n, def:  0, sav:  0]

STANDBY     	1  	[cha: y, def:  1, sav:  1]

ICT         		0  	[cha: n, def:  0, sav:  0]

SCT       		9000  	[cha: y, def:9000, sav:9000]

SAT ATA 		Power condition mode page:

APMP        		0  	[cha: n, def:  0, sav:  0]

APM         		0  	[cha: n, def:  0, sav:  0]</pre>
<p>Running sdparm actually shows you the type of device. If you have an older device, you can use sdparm to see the device type. The parameter that is a concern with the Seagate Expansion external hard drive is STANDBY 1. That setting needs to be set to 0, so it is off.</p>
<p>You can run `sudo sdparm` to see a listing of options.</p>
<p>I ran `sudo sdparm --clear=STANDBY /dev/sdb` to clear or set to 0 the STANDBY mode. Now when I run `sudo sdparm -a /dev/sdb` this is what we see:</p>
<pre>sudo sdparm -a /dev/sdb

 /dev/sdb: Seagate   Desktop           0130

Power condition mode page:

PM_BG       		0  		[cha: n, def:  0, sav:  0]

STANDBY_Y   	0  		[cha: n, def:  0, sav:  0]

IDLE_C      		0  		[cha: n, def:  0, sav:  0]

IDLE_B      		0  		[cha: n, def:  0, sav:  0]

IDLE        		0  		[cha: n, def:  0, sav:  0]

STANDBY     	0  		[cha: y, def:  1, sav:  1]

ICT         		0  		[cha: n, def:  0, sav:  0]

SCT       		4294967286  [cha: y, def:9000, sav:9000]

SAT ATA 		Power condition mode page:

APMP        		0  		[cha: n, def:  0, sav:  0]

APM         		0  		[cha: n, def:  0, sav:  0]</pre>
<p>That should be all you need to perform to remove the STANDBY mode. Now, be warned that once you restart the Linux system the device will return to the default settings. What I did to overcome this limitation was to place the following two lines in the /etc/rc.local file:</p>
<pre>if [[ -n "$(/sbin/fdisk -l /dev/sdb 2&gt;/dev/null)" ]]
then
   /usr/bin/sdparm --clear=STANDBY /dev/sdb
   mount /dev/sdb1 /mnt/usb
fi</pre>
<p>The last script to run is the /etc/rc.local so the changes take place prior to the device being mounted. The if statement ensures the device exists.</p>
]]></content:encoded>
			<wfw:commentRss>http://systemmonitoringhowto.com/2011/09/seagate-expansion-external-hard-drive-and-removing-standby-mode/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>NTFS as a universal file system for Seagate, Western Digital, and other USB devices</title>
		<link>http://systemmonitoringhowto.com/2011/09/ntfs-as-a-universal-file-system-for-seagate-western-digital-and-other-usb-devices/</link>
		<comments>http://systemmonitoringhowto.com/2011/09/ntfs-as-a-universal-file-system-for-seagate-western-digital-and-other-usb-devices/#comments</comments>
		<pubDate>Sun, 25 Sep 2011 15:08:51 +0000</pubDate>
		<dc:creator>Mikhail Kniaziewicz</dc:creator>
				<category><![CDATA[Discussion]]></category>

		<guid isPermaLink="false">http://systemmonitoringhowto.com/?p=34</guid>
		<description><![CDATA[I needed additional storage. The storage needed to be able to support Cent OS, Red Hat, and Windows. The storage would be required to house all types of files. The storage would also need to be inexpensive and portable. The solution was the Seagate Expansion, USB 2.0 Plug-and-play, 1 TB external drive. Purchase price was [...]]]></description>
			<content:encoded><![CDATA[<p>I needed additional storage. The storage needed to be able to support Cent OS, Red Hat, and Windows. The storage would be required to house all types of files. The storage would also need to be inexpensive and portable.</p>
<p>The solution was the Seagate Expansion, USB 2.0 Plug-and-play, 1 TB external drive. Purchase price was $69 on amazon.com. I received the Seagate Expansion drive in three business days through the United States Postal Service.</p>
<p>When the external drive arrived, I needed to decide which computer to attach the device to. I have several laptops running Windows Vista and Windows 7; however, the laptops would not be available all the time. I could attach the device to a Windows 2000 server and share the file system or I could attach the device to Cent OS 5.7, i386.</p>
<p>I decided to work with the Cent OS system. The Cent OS 5.7 is running xen-3.0.3. The guests range in operating systems from Windows 2003 to Red Hat 5.6 server depending upon the current project. Cent OS and Red Hat can be configured to support NTFS partitions, but Windows had difficulty supporting ext3 partitions. Another concern was the propagation of viruses on the share to the operating system, which Linux is very immune to due to permissions and file system structure.</p>
<p>The first step was to connect the USB drive to the laptop via a USB port. Once it was attached, a message immediately appeared that the device could not be mounted due to a file system issue. So, the first step is to configure NTFS file system support for the kernel.</p>
<p>In order for the kernel to support NTFS the ntfs-3g package needs to be installed. The package in CentOS 5.7 i386 is fuse-ntfs-3g-2010.2-1.el5.rf. A very good article was, “<a href="http://www.mywurdz.com/node/222">http://www.mywurdz.com/node/222</a>” titled “Installing NTFS support in CentOS 5.5.” The laptop hardware is i386 and the article is written for x86_64, so here are the commands I ran:</p>
<ul>
<li>cd /tmp</li>
<li>wget <a href="http://apt.sw.be/RPM-GPG-KEY.dag.txt">http://apt.sw.be/RPM-GPG-KEY.dag.txt</a></li>
<li>sudo rpm --import RPM-GPG-KEY.dag.txt (this installs the repository keys)</li>
<li>wget <a href="http://tree.repoforge.org/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.5.2-2.el5.rf.i386.rpm">http://tree.repoforge.org/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.5.2-2.el5.rf.i386.rpm</a></li>
<li>sudo rpm -i --test rpmforge-release-0.5.2-2.el5.rf.i386.rpm (--test is testing for dependencies)</li>
<li>sudo rpm -i rpmforge-release-0.5.2-2.el5.rf.i386.rpm</li>
<li>sudo yum list \*fuse\* to see if we have the right repository</li>
<li>sudo yum install fuse fuse-ntfs-3g</li>
<li>sudo mkdir /mnt/usb</li>
<li>sudo mount /dev/sdb1 /mnt/usb (the device name will vary on your OS, so run fdisk -l /dev/sd[b-d] until you see the NTFS partitioned device)</li>
</ul>
<p>That was all there is to mounting the device. Best of all, no OS restart was required to install the NTFS support. Now, the device is portable from CentOS to the other Windows operating systems on the network. All Linux 2.6 kernels provide support for NTFS; however, the package to examine and install is ntfs-3g.</p>
]]></content:encoded>
			<wfw:commentRss>http://systemmonitoringhowto.com/2011/09/ntfs-as-a-universal-file-system-for-seagate-western-digital-and-other-usb-devices/feed/</wfw:commentRss>
		<slash:comments>2</slash:comments>
		</item>
		<item>
		<title>Nagios: check_mysql_query_cnt.pl to check the number of rows and provide perfdata</title>
		<link>http://systemmonitoringhowto.com/2011/04/nagios-check_mysql_query_cnt-pl-to-check-the-number-of-rows-and-provide-perfdata/</link>
		<comments>http://systemmonitoringhowto.com/2011/04/nagios-check_mysql_query_cnt-pl-to-check-the-number-of-rows-and-provide-perfdata/#comments</comments>
		<pubDate>Wed, 13 Apr 2011 14:34:27 +0000</pubDate>
		<dc:creator>Mikhail Kniaziewicz</dc:creator>
				<category><![CDATA[Nagios]]></category>
		<category><![CDATA[Scripts]]></category>

		<guid isPermaLink="false">http://systemmonitoringhowto.com/?p=29</guid>
		<description><![CDATA[A customer of mine wanted metrics from a MySQL database for a display. The current plugins were not what I needed for the projects. I created a simple plugin that performs a row count on the selected database. The script is written in the Perl language. It provides options for the user, error message when [...]]]></description>
			<content:encoded><![CDATA[<p>A customer of mine wanted metrics from a MySQL database for a display. The current plugins were not what I needed for the projects. I created a simple plugin that performs a row count on the selected database.</p>
<p>The script is written in the Perl language. It provides options for the user, an error message when the query does not result in a count, and Nagios perfdata. The perfdata is displayed in <a href="http://www.pnp4nagios.org/">PnP4Nagios</a> and the rows displayed are based upon the result.</p>
<p>Any questions or comments let me know. Below is the Perl script. The script does require the Nagios utils.pm and DBD::mysql.</p>
<pre>#!/usr/bin/perl -w 

# Copyright (c) 2011 Mikhail Kniaziewicz (http://www.systemmonitoringhowto.com)
#Date: March 23, 2011
#Script: check_mysql_query_cnt.pl
#Purpose: Provide a Nagios Plugin to check the counts
#	  from a MySQL Database and provide perfdata.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

use strict;
use Getopt::Long;
use File::Basename;
use DBI;
use DBD::mysql;
#Change the following to the directory containing utils.pm
#(utils.pm ships with nagios).
use lib "/nagios/libexec/";
use utils qw($TIMEOUT %ERRORS &amp;usage &amp;support &amp;print_revision);

Getopt::Long::Configure('bundling');
my ( $query,$dsn, $opt_h, $opt_w, $opt_c, $opt_q, $opt_H, $opt_D,
 $opt_u ,$opt_p, $opt_P, $results, $execute, @rows, $connect, $message, $perfdata);
my $opt_t    = $TIMEOUT;
my $opt_V  = "0.1.1";
my $PROGNAME = basename($0);
my $MYSQL = "/usr/bin/mysql";
my $result;

#Help and Usage sub prototypes
sub print_help () ;
sub print_usage () ; 

GetOptions(
    "version|V"  =&gt; \$opt_V,
    "help|?|h"   =&gt; \$opt_h,
    "t=i"        =&gt; \$opt_t,
    "timeout=i"  =&gt; \$opt_t,
    "w=i"        =&gt; \$opt_w,
    "warning=i"  =&gt; \$opt_w,
    "c=i"        =&gt; \$opt_c,
    "critical=i" =&gt; \$opt_c,
    "query=s"    =&gt; \$opt_q,
    "q=s"        =&gt; \$opt_q,
    "hostname=s" =&gt; \$opt_H,
    "H=s"        =&gt; \$opt_H,
    #The long options need "=s" as well so they accept a value
    "username=s" =&gt; \$opt_u,
    "u=s"        =&gt; \$opt_u,
    "database=s" =&gt; \$opt_D,
    "D=s"        =&gt; \$opt_D,
    "p=s"        =&gt; \$opt_p,
    "password=s" =&gt; \$opt_p,
    "port|P=i"   =&gt; \$opt_P,
);

print_usage() if ($opt_h);
print_help() if !($opt_c) &amp;&amp; !($opt_h);

sub print_help (){
    print "\n";
    printversion();
    print "\nCopyright (c) 2011 Mikhail Kniaziewicz \(mikhailk1\@verizon.net\)\n\n";
    print "\n$PROGNAME is used to find a count from a MySQL SELECT query.
    You should create a user account with a password and grant only
    SELECT privileges to the database you want $PROGNAME to query.\n";
    print "\n";
    print_usage();
    print "\n";
    print_support();
    #Exit UNKNOWN (not 1, which Nagios reads as WARNING)
    exit $ERRORS{'UNKNOWN'};
}
sub print_usage () {
    print "\nUSAGE: $PROGNAME [-w warning] [-c critical]
     [-q \"Query String\"]\n [-H hostname] [-u username] [-p password]
     [-D database] [-P port]\n";
    print "\nEXAMPLE: $PROGNAME -w 10000 -c 20000
     -q \"SELECT COUNT\(\*\) from nagios_hosts\;\" -u nagios -p nagios -D nagios -P 3306\n";
}

sub printversion(){
	print "PROGRAM:$PROGNAME Version:$opt_V \n";
}

sub print_support(){
	print "For support, please email mikhailk1\@verizon.net
               with a description of the problem. Plugin is only
               designed for MySQL in server version 5\.0\.2\n\n";
}

#Let's get down to business
#Check to make sure we have all the plugin elements
if (!($opt_w &amp;&amp; $opt_c &amp;&amp; $opt_q &amp;&amp; $opt_H &amp;&amp; $opt_u
&amp;&amp; $opt_D &amp;&amp; $opt_p)){
 print_usage();
 exit $ERRORS{'UNKNOWN'};
} else {
#Create MySQL connection string, using the port from -P (default 3306)
$opt_P = 3306 unless $opt_P;
$dsn = "dbi:mysql:$opt_D:$opt_H:$opt_P";
$connect = DBI-&gt;connect($dsn,$opt_u,$opt_p)
|| die "Cannot connect to the DB: $DBI::errstr\n";
$query = $connect-&gt;prepare($opt_q);
$query-&gt;execute();
while(@rows = $query-&gt;fetchrow_array()){
    $result = "@rows";
}
}

#Check the results for numeric value
$result = '' unless defined $result;
if (!($result =~ m/^(\d+)$/)){
	print "STATUS UNKNOWN: $result rows\n";
	print_help();
	exit $ERRORS{'UNKNOWN'};
}

#Let's process the results
$perfdata = "|num_rows=$result;$opt_w;$opt_c;0;$result";
if ($opt_w &gt; $result &amp;&amp; $opt_c &gt; $result){
	print "STATUS OK: $result rows $perfdata\n";
	exit $ERRORS{'OK'};
}elsif ($opt_w &lt;= $result &amp;&amp; $opt_c &gt;= $result){
	print "STATUS WARNING: $result rows $perfdata\n";
	exit $ERRORS{'WARNING'};
}elsif ($opt_w &lt;= $result &amp;&amp; $opt_c &lt;= $result){
	print "STATUS CRITICAL: $result rows $perfdata\n";
	exit $ERRORS{'CRITICAL'};
}else {
	print "STATUS UNKNOWN: $result rows $perfdata\n";
	exit $ERRORS{'UNKNOWN'};
}
</pre>
<p>Enjoy and please try to check out the sponsors to the right.</p>
<p>Mike Kniaziewicz</p>
]]></content:encoded>
			<wfw:commentRss>http://systemmonitoringhowto.com/2011/04/nagios-check_mysql_query_cnt-pl-to-check-the-number-of-rows-and-provide-perfdata/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Scripts: Ping</title>
		<link>http://systemmonitoringhowto.com/2011/02/scripts-ping/</link>
		<comments>http://systemmonitoringhowto.com/2011/02/scripts-ping/#comments</comments>
		<pubDate>Tue, 08 Feb 2011 23:39:17 +0000</pubDate>
		<dc:creator>Mikhail Kniaziewicz</dc:creator>
				<category><![CDATA[Scripts]]></category>

		<guid isPermaLink="false">http://systemmonitoringhowto.com/?p=22</guid>
		<description><![CDATA[Here are several scripts that can be used for a host check using ping. These commands should be adjusted to your enterprise. Since you will have numerous hosts to check, you will need to create a hosts.config file. The hosts.config file used in these examples consists of the following hosts: 72.14.204.99    google.com 98.137.149.56    yahoo.com 207.171.7.63   [...]]]></description>
			<content:encoded><![CDATA[<p>Here are several scripts that can be used for a host check using ping. These commands should be adjusted to your enterprise. Since you will have numerous hosts to check, you will need to create a hosts.config file. The hosts.config file used in these examples consists of the following hosts:<br />
72.14.204.99    google.com<br />
98.137.149.56    yahoo.com<br />
207.171.7.63    perl.org</p>
<p>We will be importing this file into our scripts. Remember you might have hundreds of IP addresses and hosts to check. Also remember the program path may be different than what is in these scripts, so check the path prior to running any of these scripts.</p>
<p>BASH</p>
<pre>#!/bin/bash
export PATH=$PATH:/bin:/usr/sbin:/sbin/:/opt:/tmp
#Read the IP addresses (first column) from our hosts.config file under /tmp

for hosts in $(awk '/^[1-9]/ {print $1}' /tmp/hosts.config)
do
    ping -c 3 -t 30 "$hosts" &gt;/dev/null
    #Save ping's exit status before the test below overwrites $?
    rc=$?
    if [ $rc -ne 0 ]
    then
        echo "$hosts $rc"
    fi
done
exit
</pre>
<p>PERL</p>
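<pre>#!/usr/bin/perl -w
use strict;
use Net::Ping;
$ENV{'PATH'}='/bin:/usr/sbin/:/usr/bin:/sbin:/opt:/tmp';
open( FH, '&lt;', '/tmp/hosts.config') || die "Cannot open /tmp/hosts.config: $!\n";
my $p = Net::Ping-&gt;new("syn",30);
my %pending;
while (&lt;FH&gt;)
{
	#Split on any whitespace so tab or space separated files both work
	my ($host,$hostname) = split /\s+/;
	if (defined $host &amp;&amp; $host =~ /^\d/)
	{
	 #In "syn" mode ping() only sends the SYN packet; ack() collects the replies
	 $p-&gt;ping($host);
	 $pending{$host} = 1;
	}
}
close(FH);
#Every host that answers within the timeout is returned by ack()
while (my ($host) = $p-&gt;ack())
{
	print "$host is alive.\n";
	delete $pending{$host};
}
print "$_ is unreachable.\n" for sort keys %pending;
$p-&gt;close();
exit(0);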
</pre>
]]></content:encoded>
			<wfw:commentRss>http://systemmonitoringhowto.com/2011/02/scripts-ping/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Discussion: System Monitoring with the Ping Command</title>
		<link>http://systemmonitoringhowto.com/2011/02/discussion-system-monitoring-with-the-ping-command/</link>
		<comments>http://systemmonitoringhowto.com/2011/02/discussion-system-monitoring-with-the-ping-command/#comments</comments>
		<pubDate>Sun, 06 Feb 2011 04:14:18 +0000</pubDate>
		<dc:creator>Mikhail Kniaziewicz</dc:creator>
				<category><![CDATA[Discussion]]></category>

		<guid isPermaLink="false">http://systemmonitoringhowto.com/?p=20</guid>
		<description><![CDATA[Ping is a primary system monitoring command. Ping is compatible on every operating system. The command is generally the first step every organization makes when implementing a system monitoring application. Organizations need to understand the limitations of the ping command. Ping elicits a response from a server as a check for the system’s availability on [...]]]></description>
			<content:encoded><![CDATA[<p>Ping is a primary system monitoring command. Ping is compatible on every operating system. The command is generally the first step every organization makes when implementing a system monitoring application. Organizations need to understand the limitations of the ping command.</p>
<p>Ping elicits a response from a server as a check for the system’s availability on the network. Ping does not show the state of the operating system. The operating system could be frozen to the point end users cannot log into the system to perform work, but still respond to a ping command. If a router, switch, or hub is down the ping command will not return a reply even if the server is operational.</p>
<p>Security concerns will prompt an organization to disallow ping. Excessive pings are used as a denial of service attack. Organizations will also divide systems into subnets. The subnets may be private for security reasons, as is seen with servers in the DMZ. Pinging a DMZ server will reveal the server IP address and open the server to attacks. DMZ servers are usually only accessed through an organization’s intranet.</p>
<p>Another concern is the ping check configuration. Set the number of ping requests and the packet size to a low number. Also set the TTL (time to live). The TTL is the number of milliseconds the ping packet will live on the network and try to reach the destination. TTL for internal servers should be set low. Remote site servers should be set higher. Remember, TTL decreases by one millisecond for each hop and also by the time it takes to traverse the network.</p>
<p>Ping is a basic system monitoring command. Organizations should set the number of requests, packet size, and TTL based on the organization’s acceptable response time. Ping does not warrant circumventing security practices. Security is a higher priority and there are other methods to check the availability of a host.</p>
]]></content:encoded>
			<wfw:commentRss>http://systemmonitoringhowto.com/2011/02/discussion-system-monitoring-with-the-ping-command/feed/</wfw:commentRss>
		<slash:comments>1</slash:comments>
		</item>
		<item>
		<title>Discussion: System Monitoring Security Concerns</title>
		<link>http://systemmonitoringhowto.com/2011/02/discussion-system-monitoring-security-concerns/</link>
		<comments>http://systemmonitoringhowto.com/2011/02/discussion-system-monitoring-security-concerns/#comments</comments>
		<pubDate>Fri, 04 Feb 2011 03:59:34 +0000</pubDate>
		<dc:creator>Mikhail Kniaziewicz</dc:creator>
				<category><![CDATA[Discussion]]></category>

		<guid isPermaLink="false">http://systemmonitoringhowto.com/?p=18</guid>
		<description><![CDATA[Organizations use system monitoring to provide notification of security breaches. Tripwire provides notification when a file has been altered on a system. Organizations will use TCPdump to monitor network interface traffic. However, the very tools used to monitor network and server security can be creating a security risk. Avoid providing system monitoring tools with root [...]]]></description>
			<content:encoded><![CDATA[<p>Organizations use system monitoring to provide notification of security breaches. Tripwire provides notification when a file has been altered on a system. Organizations will use TCPdump to monitor network interface traffic. However, the very tools used to monitor network and server security can be creating a security risk.</p>
<p>Avoid providing system monitoring tools with root or administrator privileges. Providing system monitoring tools with root or administrator access is asking for trouble. Many graphical user interfaces (GUI) require authentication by a user to log into the application; however, once logged in the user can perform administrative tasks assigned to the application. Someone who obtains a user’s account information can launch the system monitoring tool into a promiscuous mode and create problems across the enterprise. </p>
<p>Avoid providing root access to system monitoring accounts and software. System monitoring tools should execute “select only” queries. Consider providing the systems monitoring account with sudo so only specific commands can be run on servers. If the account requires root to run a command, consider placing the command in the root crontab or administrator tasks menu. </p>
<p>System monitoring tools also need to be configured to adhere to current security policies. Disallowing a server to respond to a “ping” command means the system monitoring tool needs to find a different method for obtaining a server’s status. Organizations will also disallow SNMP traps because of security reasons, so do not implement system monitoring software that exclusively uses SNMP traps.</p>
<p>Denial of service attacks are also a security concern with system monitoring tools. Set the system check frequency to the point business critical data flows unimpeded across the network. Consider combining system checks. System checks can double as a disk check and host availability check. </p>
<p>System monitoring needs to be planned with security in mind. System monitoring tools should not circumvent established security policies. If root or administrative privileges are necessary for a monitoring task consider tailoring the root access just to that command and where possible use the system’s root user to send information back to the system monitoring tool. Security considerations will make system monitoring a smooth task and not another security violation during an audit.</p>
]]></content:encoded>
			<wfw:commentRss>http://systemmonitoringhowto.com/2011/02/discussion-system-monitoring-security-concerns/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Discussion: Do you need system monitoring?</title>
		<link>http://systemmonitoringhowto.com/2011/02/discussion-do-you-need-system-monitoring/</link>
		<comments>http://systemmonitoringhowto.com/2011/02/discussion-do-you-need-system-monitoring/#comments</comments>
		<pubDate>Thu, 03 Feb 2011 08:14:15 +0000</pubDate>
		<dc:creator>Mikhail Kniaziewicz</dc:creator>
				<category><![CDATA[Discussion]]></category>

		<guid isPermaLink="false">http://systemmonitoringhowto.com/?p=10</guid>
		<description><![CDATA[Return on investment (ROI) is the foundation for business decisions. Organizations will need to conduct an enterprise evaluation of all business systems to determine the impact on the business’s revenue, i.e. customer impact. If the customer impact is negligible or the business does not depend upon information technology systems to generate revenue, then system monitoring [...]]]></description>
			<content:encoded><![CDATA[<p>Return on investment (ROI) is the foundation for business decisions. Organizations will need to conduct an enterprise evaluation of all business systems to determine the impact on the business’s revenue, i.e. customer impact. If the customer impact is negligible or the business does not depend upon information technology systems to generate revenue, then system monitoring is not required.</p>
<p>System monitoring would not be a necessity for a home repair contractor. Home repair contractors do use computer systems to make appointments and maintain inventory but a four hour computer service contract will suffice. Once the system has been restored or repaired, home repair contractors can enter inventory and appointments.</p>
<p>On the other hand, system monitoring is vital for the banking industry. Banks are totally reliant upon computer systems for daily business transactions. Computer systems maintain currency exchanges and bank account information. Loss of revenue is substantial when a computer system becomes unavailable, so ROI warrants system monitoring.</p>
<p>ROI also determines the investment in system monitoring software. Organizations would not want to spend elaborate sums of money on system monitoring software unless there was a substantial ROI. Happily for everyone, system monitoring software comes in every price level.</p>
<p>System monitoring software pricing ranges from zero to over $1 million. Price is determined by the amount of configuration an organization will need to perform to monitor systems and also by software support agreements. Open source software is not at the zero price range because the organization will need to pay for someone to configure and maintain the software (cost of labor).</p>
<p>System checks integrated into the operating system and hardware are zero cost. Many server manufacturers will have an automatic shutdown when the central processing unit (CPU) becomes too hot. Operating systems (OS) will have log files to indicate when a file system becomes corrupt or full. In this case ROI is considered when the hardware and OS are acquired.</p>
<p>Determining ROI will ensure the organization acquires the correct system monitoring solution. Not every business requires system monitoring. System monitoring solutions vary in price based upon configuration and support contracts. However, there is a price range for everyone who desires the ability to monitor the organization’s computer systems.</p>
]]></content:encoded>
			<wfw:commentRss>http://systemmonitoringhowto.com/2011/02/discussion-do-you-need-system-monitoring/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>

