I have installed Nc-Net on various Windows systems and have one server that gives the following problem.
Everything appears to be monitored fine, except that once in a while check_nt (The Nc-Net version) returns:
"No data was received from host!"
This repeats for some time, and eventually fires a Nagios notification.
Checking the Windows eventlog I see the following events before the time that the host produces the alert:
Timer Elapsed:2878
CCID:2878
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
The number for CCID & “Timer Elapsed” increases with each event in the event log.
Any idea what may cause this? Anyone experienced this?
It has been suggested on the Nagios users mailing list that this may be resolved by the following: http://support.microsoft.com/kb/900822/. I'm not keen on beta testing Microsoft hotfixes, however (especially as it's a domain controller), and many times in the past I've found that these 'hotfixes' simply disable the Event from showing, rather than fix the problem.
The system is an Active Directory Domain Controller.
FYI - (In answer to some of the questions on the Nagios Mailing List)
I am only running active checks, and only:
CPU LOAD
MEM USAGE
USED DISK SPACE (on 2 logical drives)
Version is v4.1a
Thanks for the report,
I just looked through the code for this issue.
The NC_Net Timer Elapsed EVENTID 6
is caused by the internal NC_Net command timeout.
The number is just an arbitrary number representing the timeout thread and the command processing thread. It will always match.
When a command is issued to NC_Net, NC_Net starts a timer to prevent a command from running away.
The default timeout is 20s. If this is exceeded, it then goes to send out an error to the check_nt, shut down the socket and then continue to the next command. If Nagios sends out a lot of checks to the host, and these checks start waiting in a queue to be processed, then check_nt would time out prior to NC_Net and thus cause a rippling effect that takes a bit to clear. (This effect should be very rare.)
The client_timeout in the startup config controls this NC_Net internal timeout.
This can be disabled by making the value 0 or less.
This is different from the check_nt timeout.
The timeout of check_nt can be increased using the -t, which may also assist in resolving this issue.
With only checking the CPU, MEM and Disks, I am not sure what would have induced the lag in getting the results, unless some other application interfered (like antivirus or another Dot Net application), or the system itself was unable to release resources to NC_Net to process the command. (NC_Net should have SYSTEM privileges to prevent issues with resource permissions.)
The Disk check uses WMI, and sometimes WMI queries take longer to respond to requests, but rarely is this longer than a few seconds, and the default timeouts are usually around 20s for NC_Net.
To better understand the cause of the delay, one would need to research the Nagios logs to see if they could uncover the command that started the queue backup.
Tony. (author of NC_Net)
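Added example (not part of the original thread and not NC_Net or Nagios code): one way to search the Nagios log for the check that started a queue backup, as suggested in the reply above. It groups "No data was received from host!" alerts per host into bursts and reports the first check of each burst. The log lines, host names and service names are constructed, and the 60-second burst gap is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample in the nagios.log SERVICE ALERT format
# ([epoch] SERVICE ALERT: host;service;state;type;attempt;output).
SAMPLE_LOG = """\
[1204545600] SERVICE ALERT: dc01;Disk C;UNKNOWN;SOFT;1;No data was received from host!
[1204545612] SERVICE ALERT: dc01;CPU Load;UNKNOWN;SOFT;1;No data was received from host!
[1204545625] SERVICE ALERT: dc01;Mem Usage;UNKNOWN;SOFT;1;No data was received from host!
[1204545700] SERVICE ALERT: dc01;CPU Load;OK;SOFT;2;CPU Load 3% (5 min average)
[1204549200] SERVICE ALERT: web01;CPU Load;WARNING;SOFT;1;CPU Load 85% (5 min average)
[1204552800] SERVICE ALERT: dc01;Disk D;UNKNOWN;SOFT;1;No data was received from host!
"""

# Groups: 1 = epoch, 2 = host, 3 = service, 4 = plugin output
ALERT_RE = re.compile(
    r"^\[(\d+)\] SERVICE ALERT: ([^;]+);([^;]+);[^;]+;[^;]+;\d+;(.*)$")
TIMEOUT_TEXT = "No data was received from host!"  # message quoted in the thread


def find_timeout_bursts(log_text, gap_seconds=60):
    """Group timeout alerts per host into bursts separated by quiet gaps."""
    per_host = defaultdict(list)
    for line in log_text.splitlines():
        m = ALERT_RE.match(line.strip())
        if m and TIMEOUT_TEXT in m.group(4):
            per_host[m.group(2)].append((int(m.group(1)), m.group(3)))
    bursts = []
    for host, events in per_host.items():
        events.sort()
        current = [events[0]]
        for ev in events[1:]:
            if ev[0] - current[-1][0] <= gap_seconds:
                current.append(ev)      # same backlog, still rippling
            else:
                bursts.append((host, current))
                current = [ev]          # quiet period passed: new burst
        bursts.append((host, current))
    return bursts


def summarize(bursts):
    """The first check in a burst is the best candidate for the stall."""
    return [{"host": h, "start": evs[0][0], "first_check": evs[0][1],
             "affected": [svc for _, svc in evs]} for h, evs in bursts]


if __name__ == "__main__":
    for burst in summarize(find_timeout_bursts(SAMPLE_LOG)):
        print(burst)
```

Comparing each burst's start time with the Timer Elapsed events in the Windows event log shows whether the same check opens every burst.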
Sorry for hijacking this post, but I have to report a similar error:
./check_nc_nt -v EVENTLOG -l "Application,any,0,1,Fatal Error,0"
--------------------
No data was received from host!
could not fetch information from server
--------------------
If I change the Eventlog to System, everything works just fine:
./check_nc_nt -v EVENTLOG -l "System,Error,5,0,1,(Fatal Error),0"
--------------------
OK: No entries in System log recently.
--------------------
The Application Log contains 18 Log-Entries, whereas the System Log contained none.
The Configuration within the Eventlog section in nc_net startup.cfg is:
evntlog_desc_trim 100
regex_options Multiline,Compiled,IgnoreCase
The Eventlog in Windows spills out the following message (same as the poster above):
Timer Elapsed:268
CCID:268
Thx,
Sorry for hijacking this post, but I have to report a similar error:
./check_nc_nt -v EVENTLOG -l "Application,any,0,1,Fatal Error,0"
is the wrong syntax (it is missing the interval).
Try this:
./check_nc_nt -v EVENTLOG -l "Application,any,10,0,1,Fatal Error,0"
Also, in the latest version of NC_Net there is an EVENTLOG_NEW command; upgrade and use that command instead, since it has an easier-to-read syntax and it is optimized to use resources more conservatively.
Tony
New version due in April 2008
Donations are accepted at www.montitech.com