Skip to main content
Solved

Services unknown

  • 11 May 2024
  • 4 replies
  • 145 views

Hi team

I need your help to solve this NTP service.
on several of my servers in DMZ I have this error "The command (check_centreon_plugins) returned an invalid return code: -1073741502 "

Do you have any suggestions to help me solve the problem?

Thank you
SILUE .

4 replies

Laurent
Rank
Userlevel 6
Badge +20

HI @bakary.silue , try to execute the command directly from the poller with centreon-engine user:

su - centreon-engine
/usr/you_command

 

B
Badge +1

Hello,

Here is the output of the command on the poller


centreon-engine@poller4:~$ /usr/lib64/nagios/plugins/check_centreon_nrpe -H 192.168.10.100 -p 5664 -t 120 -u -P 8192 -2 -c check_centreon_plugins -a 'os::windows::local::plugin' 'time' ' --ntp-hostname="192.168.1.10" --warning="-180:180" --critical="-240:240"   '
The command (check_centreon_plugins) returned an invalid return code: -1073741502
centreon-engine@poller4:~$


We use version 0.5.2.41 of the nsclient agent and here's the nsclient agent configuration file

# If you want to fill this file with all available options run the following command:
#   nscp settings --generate --add-defaults --load-all
# If you want to activate a module and bring in all its options use:
#   nscp settings --activate-module <MODULE NAME> --add-defaults
# For details run: nscp settings --help


[/settings/log]

; LOG LEVEL - Log level to use. Available levels are error,warning,info,debug,trace
level = trace

; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format = %Y-%m-%d %H:%M:%S

; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log


; A list of modules.
[/modules]

; CheckDisk - CheckDisk can check various file and disk related things.
CheckDisk = 1

; CheckEventLog - Check for errors and warnings in the event log.
CheckEventLog = 1

; CheckExternalScripts - Execute external scripts
CheckExternalScripts = 1

; CheckHelpers - Various helper function to extend other checks.
CheckHelpers = 1

; CheckNSCP - Use this module to check the health and status of NSClient++ itself
CheckNSCP = 1

; CheckSystem - Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
CheckSystem = 1

; NRPEServer - A server that listens for incoming NRPE connection and processes incoming requests.
NRPEServer = 1

; CheckTaskSched - Check status of your scheduled jobs.
CheckTaskSched = 1

; WEBServer - A server that listens for incoming HTTP connection and processes incoming requests. It provides both a WEB UI as well as a REST API in addition to simplifying configuration of WEB Server module.
WEBServer = 1

; CheckNet - Network related check such as check_ping.
CheckNet = 1


; Section for REST API
[/settings/WEB/server]

;CACHE ALLOWED HOSTS - If host names (DNS entries) should be cached, improves speed and security somewhat but won�t allow you to have dynamic IPs for your Nagios server.
cache allowed hosts = true

; PORT NUMBER - Port to use for REST API.
port = 8443s

;PASSWORD - Password used to authenticate against server
password = xxxxxxxxxxxxxxxxxxxxxx

; CERTIFICATE - Ssl certificate to use for the ssl server
certificate = ${certificate-path}/certificate.pem

; ALLOWED HOSTS - A comma separated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favor of the parent.
allowed hosts = 192.168.1.1,192.168.1.2,192.168.1.3


; Section for NRPE (NRPEServer.dll) (check_nrpe) protocol options.
[/settings/NRPE/server]

; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true

; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true

; PORT NUMBER - Port to use for NRPE.
port = 5664

timeout = 120
; Needed for long output, with check_centreon_nrpe
payload length = 8192

; EXTENDED RESPONSE - Send more then 1 return packet to allow response to go beyond payload size (requires modified client).
; extended response = true

; ALLOW INSECURE CHIPHERS and ENCRYPTION - Only enable this if you are using legacy check_nrpe client.
insecure = true

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled.
use ssl = true

; DH KEY -
dh = ${certificat-path}/security/nrpe_dh_2048.pem

; ALLOWED HOSTS - A comma separated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. parent for this key is found under: /settings/default this is marked as advanced in favor of the parent.
allowed hosts = 192.168.1.1,192.168.1.2,192.168.1.3

; VERIFY MODE - Comma separated list of verification flags to set on the SSL socket.  default-workarounds    Various workarounds for what I understand to be broken ssl implementations no-sslv2    Do not use the SSLv2 protocol. no-sslv3    Do not use the SSLv3 protocol. no-tlsv1    Do not use the TLSv1 protocol. single-dh-use    Always create a new key when using temporary/ephemeral DH parameters. This option must be used to prevent small subgroup attacks, when the DH parameters were not generated using "strong" primes (e.g. when using DSA-parameters).   
ssl options = no-sslv2,no-sslv3,no-tlsv1


[/settings/external scripts]
allow arguments = 1
allow nasty characters = 1
timeout=120

[/settings/external scripts/scripts/default]
ignore perfdata = true


[/settings/external scripts/scripts]
check_logfiles = scripts\\centreon\\check_logfiles.exe $ARG1$
check_centreon_plugins = scripts\\centreon\\centreon_plugins.exe --plugin=$ARG1$ --mode=$ARG2$ $ARG3$
check_win_lastupdate = cscript.exe T:30 NoLogo "scripts\\centreon\\check_win_lastupdate.vbs" /c:$ARG1$ /w:$ARG2$
check_time = cscript.exe T:30 NoLogo "scripts\\centreon\\check_time.vbs" $ARG1$ $ARG2$
check_win_pslastupdate = cmd /c echo scripts\\centreon\\check_ms_win_updates.ps1 $ARG1$; exit $LastExitCode | powershell.exe -command -
check_icmp_citrix = cmd /c powershell -ExecutionPolicy Bypass -File scripts\\centreon\\check_icmp_citrix.ps1 $ARG1$

; Script wrappings - A list of templates for defining script commands. Enter any command line here and they will be expanded by scripts placed under the wrapped scripts section. %SCRIPT% will be replaced by the actual script an %ARGS% will be replaced by any given arguments.
[/settings/external scripts/wrappings]

; Batch file - Command used for executing wrapped batch files
bat = scripts\\%SCRIPT% %ARGS%

; Visual basic script - Command line used for wrapped vbs scripts
vbs = cscript.exe T:30 NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%

; POWERSHELL WRAPPING - Command line used for executing wrapped ps1 (powershell) scripts
ps1 = cmd /c echo If (-Not (Test-Path "scripts\%SCRIPT%") ) { Write-Host "UNKNOWN: Script `"%SCRIPT%`" not found."; exit(3) }; scripts\%SCRIPT% $ARGS$; exit($lastexitcode) | powershell.exe /noprofile -command -

 

 

In the log file nsclient.ini , we can see that the command is execute

2024-05-21 03:47:19: debug:c:\source\0.5.2\include\nrpe/server/protocol.hpp:92: Accepting connection from: 192.168.1.2, count=1
2024-05-21 03:47:19: debug:c:\source\0.5.2\modules\CheckExternalScripts\CheckExternalScripts.cpp:374: Command line: scripts\\centreon\\centreon_plugins.exe --plugin=os::windows::local::plugin --mode=time  --ntp-hostname="192.168.1.2" --warning="-180:180" --critical="-240:240"   
2024-05-21 03:49:04: debug:c:\source\0.5.2\include\nrpe/server/protocol.hpp:92: Accepting connection from: 192.168.1.2, count=1
2024-05-21 03:49:05: debug:c:\source\0.5.2\modules\CheckExternalScripts\CheckExternalScripts.cpp:374: Command line: scripts\\centreon\\centreon_plugins.exe --plugin=os::windows::local::plugin --mode=time  --ntp-hostname="192.168.1.2" --warning="-180:180" --critical="-240:240"   
2024-05-21 03:50:00: debug:c:\source\0.5.2\include\nrpe/server/protocol.hpp:92: Accepting connection from: 192.168.1.2, count=1

When we execute the command locally we get this :

PS C:\Program Files\Centreon NSClient++\scripts\centreon> .\centreon_plugins.exe --plugin=os::windows::local::plugin --mode=time  --ntp-hostname="192.168.1.10" --warning="-180:180" --critical="-240:240"
OK: Time offset 0.008 second(s) | 'offset'=0.008s;-180:180;-240:240;;
PS C:\Program Files\Centreon NSClient++\scripts\centreon>

 

can you help ?

Best regards,

 

C
Rank
Userlevel 5
Badge +14

I found this

 "0xC0000142" or "-1073741502" Stop error when many PowerShell scripts call the Console.Write method or when you try to start many console applications on a PowerShell console in Windows 7 or in Windows Server 2008 R2 - Microsoft Support

or this : windows - What does ExitCode -1073741502 mean? - Stack Overflow

 

Basically it means a program cannot load a DLL, multiple possible reasons, but what are the OS Version running on your dmz servers?

is there an antivirus / EPDR that would prevent running script in “c:\windows\temp” (that’s where the centreon plugin.exe uncompress its binaries to work)

 

if you open the eventviewer on the server and look the application and system log when you are running the command from centreon, do you get any entries saying a dll could not be loaded? (and if so, which one if it is mentionned)

 

Christophe.

Centreon Lord Commander - https://www.centreon.com/centreon-community/
Fabrix
Rank
Userlevel 5
Badge +11

Hi @bakary.silue,

Please remember to click the “Best Answer” button for the solution that helped you resolve your issue.
Alternatively, you can share with us how you were able to solve the problem. By doing so, you'll help someone else with the same issue in easily finding the solution.

Thank you,

Here to help you enjoy your experience on The Watch ¯\_ (ツ) _/¯

Reply


Terms & ConditionsCookie settings