Search All Sites

Search Exchange

Get Monitoring

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Category: Security

Nagios plugins for monitoring security software.

Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download

Submit Your Nagios Project!

Help build Nagios Exchange for yourself and the entire the Nagios Community by your Nagios project to the site. It's easy - just create an account, login, and add a new listing. Read the FAQ for instructions.
Sub-Categories:
Additional listings are organized in the following sub-categories:
Category Listings:
There are 81 Listings in this Category.List your addon or plugin here!

Check Centrify

A plugin to check the Centrify service running on a local machine. It will report CPU and Memory of the adclient process, the zone, the DC and the version. -- Update 07/04/2016, new version of script uploaded which now accepts command line args and al ...

LicenseGPL

Check Iptables

www.techironic.com

This plugin check if the number of iptables rules loaded and the ones that are supposed to be loaded are the same. If the numbers are not ok it notifies nagios and logs on /var/log/iptables the users logged in at the time.

LicenseGPL

Check Nessus Scans

This is a check to download and parse a given Nessus scan (see http://www.tenable.com/products/nessus-vulnerability-scanner) and return the number of critical and high vulnerabilities.

LicenseGPL

Check setting sshd (Security of SSH)

This check control the security of your SSH service (The setting of sshd_config file) 4 values are checking: PermitRootLogin, Protocol, Port and PermitEmptyPasswords For more detail ./check_setting_sshd.sh -h

Check UniFi Video

This is a plugin (bash script) that pulls the latest recording time of UniFi video cameras from the UniFi video server. It uses JSON parsing to pull a single variable from the Unifi Video system through the Admin API.

LicenseMIT

Check Windows for Indicators of Compromise - Via Event ...

www.linuxincluded.com/uncovering-indicators-of-compromise/

Check_ioc is a script to check for various, selectable indicators of compromise on Windows systems via PowerShell and Event Logs. It was primarily written to be run on a schedule via a Nagios NCPA agent, however, it may also be run from a command-line (fo ...

LicenseGPL

checkfilechange

This Nagios plugin monitors the state of files/directors, using the inotify State Monitoring tool, receiving as arguments the states and files/directors to be monitored, as well as the path of the log file, where the inotify registers the events, notifyin ...

LicenseGPL

checkIPtables

project.brain-force.ch/Nagios/wiki/plugins/security/firewall

Plugin written as bash script to check the health of iptables and the rules in there. It performs several check: * checks command ($DEF_IPT and $DEF_IPS) and rulefiles ($DEF_IPT_RFILE and $DEF_IPS_RFILE), returns ...

LicenseGPL

CheckSSLCertExpiry

A simple bash script to check if the ssl certificate is getting expire. If getting expired in 10 days then it will alert. Syntax: script : Feel free to change, as per need, example for -c and -w. For now I just made it simple.

LicenseGPL

check_apache404

This Nagios plugin monitors the Apache server log file in search of State 404, receiving as arguments the full path of the log file, and the maximum values for warning and critical, these values are passed in pairs (50.100), to specify the value of record ...

LicenseGPL

check_app

This Nagios plugin monitors the main principals where the executable files are stored, you can optionally be the user to define the principals that you want to monitor in accordance with your system's interests and configuration, by ticking the critical s ...

LicenseGPL

check_bad_apache_procs.sh

www.dougware.net

check_bad_apache_procs.sh This is a simple BASH script that checks that only the correct Apache processes are running, and that no other processes (such as PERL scripts) are running as Apache. If it returns OK, it includes the text "0 Bad apache Processes Running". If it fails ...

LicenseGPL

check_barracuda_queue

members.dca.net/fpater/permanent/check_barracuda_queue

Monitor Barracuda Spam Firewall Appliance queue sizes

check_bundle_audit

Nagios plugin to monitor ruby applications for security vulnerabilities via bundler-audit, written in bash.

LicenseMIT

check_cert_signing_algorithm_secure

www.cwsi.ie

This check connects to a specified host:port with OpenSSL to determine if the signing algorithm used on the server certificate is secure.

LicenseGPL

Check_client_cert_CAs_sent

www.cwsi.ie

This check uses OpenSSL to connect to a host:port and either confirm that it is specifying at least one accepted client certificate CA name, or compare the accepted CA names list returned by the host to a list supplied to the check. The purpose being tha ...

check_crl.py

raymii.org/cms/p_Nagios_plugin_to_check_crl_expiry_in_hours

This is a nagios plugin which you can use to check if a CRL (Certificate Revocation List, public list with revoked certificates) is still valid. This is based on the check_crl.py plugin from [Michele Baldessari](http://acksyn.org/?p=690). I've modified it ...

LicenseBSD

check_crl_bulk

check_crl_bulk Checks the ‘Next Update’ time for a number of CRL files using OpenSSL.

LicenseGPL

check_crl_url

abi.renhart.com/index.php/2013/07/10/check-certificate-revoc

Check Certificate Revocation List(CRL) expiration and validity

LicenseGPL

check_cuda

seigafuse.com/2010/08/20/barracuda-plug-in-for-nagios-v3-1/

This plugin will check the length of the in, out and bounce queues on a Barracuda Spam Firewall using SNMP. The latest release (version 3) supports Barracuda Spam and Virus firewalls with firmware versions 3 and 4. The OIDs changed in V4 and the plug ...

LicenseGPL

check_ddos

This Nagios plugin monitors system network connections alerting whenever a large number of SYN recv states are verified. The quantities of connections to be considered excessive are passed as arguments, and when Nagios is exceeded alert with the states wa ...

LicenseGPL

check_defacement

This plugin check for a potential website defacement. The script curl the provided url and compare it with the previous curl. Several tests can be made, the default one is calculating how many pecentage of code have been changed since last check.

LicenseGPL

check_defacementpage

This Nagios plugin monitors the content of the Web page passed by URL as an argument, in search of potentially hazardous words, returning the critical state if a detection is made. By default, a set of words are defined, which can optionally be ignored, o ...

LicenseGPL

check_dnsbl

Perl plugin that checks a specified DNS blacklist such as bl.spamcop.net to see whether a host is listed. Depends on Net::DNS.

check_dnsip

This Nagios plugin monitors domain names and corresponding IP address, both passed as arguments, alerting with critical state if incompatibilities are verified. By default, Google DNS is used, however, optionally the user can set the DNS server that suits ...

LicenseGPL

check_dnssecurity

This Nagios plugin monitors the state of the DNSSEC configurations and points out with the critical state in case vulnerabilities (poor configuration, expired signatures, not using DNSSEC) be detected. The domain to be monitored is passed as an argument, ...

LicenseGPL

check_dshield_infocon

github.com/voodookid/check_dsheild_infocon

Uses the DShield API to check the Infocon status. Will return OK on green, WARNING on Yellow and Oragne, and CRITICAL on Red.

LicenseGPL

check_file_md5

Script to arbitrarily monitor the md5 checksums of any given file and throw a warning when a file is changed. Script is self-maintaining, in that it will update its own cache of checksums after a mismatch - this way, you don't have to remember to update t ...

check_file_md5s

Simple file integrity checker.

check_fw_av_ud

Small Utility for utilising the Windows WSC_SECURITY_PROVIDER functions and properties in Windows Vista and later

LicenseGPL

check_heartbleed

check_heartbleed allows you to check for the Heartbleed Vulnerability (CVE-2014-0160) of openssl on various systems. Version - 0.6 : Added TLSv1.0 and SSLv3.0 support If no version is specified, checks all versions. Altered output somewhat. Added opti ...

check_heartbleed - TK

www.itefix.net/check_heartbleed

check_heartbleed checks if a server is vulnerable against Heartbleed SSL attack (CVE-2014-0160). Features: can start with plain and upgrade with STARTTLS or similar commands with IMAP, POP, SMTP, FTP, HTTP and HTTP proxies, PostgreSQL heart ...

LicenseBSD

check_https_cert

Perlscript for checking a https-servers, with a ssl-client-certificate.

check_inactive

www.2024sight.com

This plugin checks whether there are inactive users on a system. The plugin requires CPAN module User-Utmp-1.8.

LicenseGPL

check_iponblacklist

This Nagios plugin monitors blacklists in search of a past IP address as an argument. By default, the plugin searches in 27 of the most popular blacklists, and can optionally be added to other lists, or ignored the set of predefined blacklists. This plugi ...

LicenseGPL

check_ipsec

Check ipsec connections from openswan or strongswan

check_kdc

Check Kerberos 5 KDC with shell commands

check_krb5

www.spock.org/check_krb5.html

check the usability of a kerberos 5 KDC

check_krb5_kdc.pl (Advanced Nagios Plugins Collection)

github.com/harisekhon/nagios-plugins

Checks a specific Kerberos KDC is working by getting a TGT using a keytab Create a nagios kerberos principal and export a keytab for it to use in this check Requirements: - Kerberos KDC - Kerberos Realm - nagios kerberos principal - exported k ...

check_krb5_kinit.pl (Advanced Nagios Plugins Collection...

github.com/harisekhon/nagios-plugins

Checks Kerberos is working by requesting a TGT from the KDC using a pre-exported keytab

check_leavers

github.com/garethrandall/check_leavers

When employees leave a company, sometimes computer accounts are not deleted, meaning that they could become a security risk. This plugin checks for accounts of users who have left, using a central list of blacklisted usernames which is downloaded from a w ...

check_listening_ports (edouard.lamoine)

check_listening_ports (edouard.lamoine) A plugin that check for all listening ports/services behind, and verify if these ports or services have been approved by the user. Adds Port monitoring security to Nagios, showing if some ports were opened, maybe in a malicious way. Done for MEVIA g ...

LicenseOther

check_md5.sh

github.com/jackbenny/check_md5

A plugin written in Bash to check the MD5 sum of a single file. In case the files MD5 change the plugin issues a critical state. This behavior can be changed by using a --warning argument, so that only a warning state is issued.

LicenseGPL

check_ncipher

www.pki.getronicspinkroccade.nl/website/

NRPE plugin to check nCipher/nFast hardserver, nShield HSM status and inserted smartcard on RHEL and Solaris.

check_nids_interfaces

github.com/RiskIQ/check_nids_interfaces

check_nids_interfaces Nagios plugin designed to passively check capture interfaces to validate they are receiving desired traffic flows.

LicenseOther

check_nikto

This Nagios plugin monitors a domain in search of web vulnerabilities, so it uses the scan of Web Nikto vulnerabilities, producing an HTML report, and alerting to the existence of known vulnerabilities, returning the critical state in case of detection. ...

LicenseGPL

check_ocsp

raymii.org/cms/p_Nagios_plugin_to_check_OCSP?utm_source=nagi

This is a nagios plugin to check an OCSP server. It does so by having a PEM encoded certificate in the code, and the PEM encoded certificate of the issuer. This is sent to the OCSP server and the response is then parsed to give the correct nagios result. ...

check_open_port

This Nagios plugin monitors ports, and alerts about opening new port of communication. As arguments are passed the list of authorized ports, and the IP address of the machine to be monitored (local), returning the critical state if one or more open ports ...

LicenseGPL
Page 1 of 2