I'd like to monitor some hosts on which I can't allow an income connection.
Is there a away to achieve that while using "Icinga 2 Client" or "by_ssh"?
I can't find anything about that in the official documentation:
http://docs.icinga.org/icinga2/latest/doc/module/icinga2/chapter/monitoring-remote-systems#icinga2-remote-monitoring-client
My favorite set up would be that my remote host could establish an ssh connection to the Icinga2 server and send the data over that channel.
Thank you very much!
Best Answer
You can use passive checks. See: http://docs.icinga.org/latest/en/passivechecks.html
For example you can use NSCA-ng AddOn on the machine that needs to be monitored. NSCA-ng will send the status of the service to the Natios server. You will need to open firewall from the monitored host to NSCA service on Nagios server.
If you can not allow any communication between Icinga and monitored server, it is not possible to monitor it.
Another solution would be to use a jumphost (application firewall) to have limited access to the restricted servers.