Amazon EC2 Monitoring using Nagios XI

Is your Nagios renewal coming up or do you need Nagios support? Let us quote and we will guarantee to beat your normal price.

Recently I have been looking at various different tool’s capabilities with regards to cloud monitoring and in my tests I had a look at Amazon EC2 (Elastic Compute Cloud) monitoring using Nagios XI.
Nagios XI provides some pretty basic monitoring of Amazon EC2 (and S3 which I’ll explore in another blog) straight out of the box. This includes the measurement of the following items:

  • CPU Credit Usage
  • CPU Credit Balance
  • CPU Utilization
  • Disk Read/Write Operations
  • Dis Read/Write Bytes
  • Network In/Out
  • Network Packets In/Out
  • Instance Up/Down

Before we get started we will need a system to monitor and therefore to do the testing I ran up a free t2.micro instance running Red Hat 8. It is a tiny system but will do for this purpose.

Getting AWS Security Credentials

The first step is to obtain an Access Key ID and a Secret Passkey from Amazon. To do this we do the following:

  1. Log in as your AWS admin user
  2. Click on EC2
  3. Click Running Instances
  4. Click on the login name at the top and choose My Security Credentials
  5. In the resulting Security Credentials screen click on Create New Access Key
  6. You can now either press Show Access Key to display on the screen or download the details in a file called rootkey.csv. I did both to be sure, but I eventually simply cut and pasted the credentials into the Nagios Wizard

Configuring Nagios XI to Monitor an EC2 Instance

  1. Login to Nagios as an administrator.
  2. Click on Configure at the top menu and then choose the Amazon EC2 wizard
  3. The following Window will be displayed


  1. Enter Access Key ID and the Secret Access Key obtained earlier from AWS.
  2. Nagios now has a 4-step process to complete the monitoring.
  3. Click on the Get Available Instances box.
  4. Step 1: This will display any instances you have available. In my case only the one we ran up earlier.

  1. Tick the instance you want and press Next.
  2. Step 2: You can now enter the details that you can monitor and some sample thresholds as shown below

  1. Make appropriate changes and press Next.
  2. Step 3: Choose the Monitoring interval (default is 5 minutes) and press Next.
  3. Step 4: Lastly, choose the administrators to get notifications and finally press Finish.
  4. As long as everything is working after a few minutes you will get the following message.

  1. Click on the View status details link for the system you are monitoring and you will see the Service Status. The features you chose to monitor will probably initially be in Pending state.
  2. After a while, these will be evaluated and will either change to OK, Critical or Unknown. The Unknown instances will also eventually evaluate too as shown in the following screen.

There are 2 issues that remain: One is a real critical alert showing on CPU Credit Balance and secondly there is a host unavailable alert for the new instance which we need to resolve.

  1. CPU Credit Balance is simply the amount of CPU Credit available in your account at any moment. When you create an instance, you will get an initial CPU Credit. In every hour you will get a certain amount of CPU credits automatically(this amount depends on the type of instance). This alert is simply saying of my Free instance I am using up my credit.
  2. Secondly, the host is down even though we can connect and pull data back. This is simply because by default a new EC2 instance has ping turned off in the security groups. To enable this we need to add a rule to the security group. This procedure is shown below.

Enabling Ping on an AWS instance

To do this follow this procedure:

  1. Go to EC2 Dashboard and click Running Instances
  2. On Security Groups, select the group of your instance which you need to add security.
  3. Click on the Inbound tab
  4. Click the Edit Button (It will open a popup window)
  5. Click Add Rule
  6. Select the Custom ICMP rule – IPv4 as Type
  7. Select Echo Request as the Protocol (Port Range by default show as “N/A)
  8. Enter the as Source
  9. Click Save

I checked again the next day and we can see some historical data has been captured. Pretty simple and basic monitoring but it is not bad as a starting point and it is very simple to configure.

Let me know if this was useful or you want more help with your Nagios XI monitoring.

Simon Barnes

Views: 1591

Comments are closed.