In most cases you'll use Yoopl to monitor your hosts and services using regularly scheduled active checks. Active checks can be used to "poll" a device or service for status information every so often. Yoopl also supports a way to monitor hosts and services passively instead of actively. The key features of passive checks are as follows:
The major difference between active and passive checks is that active checks are initiated and performed by Yoopl, while passive checks are performed by external applications.
Passive checks are useful for monitoring services that are:
Examples of asynchronous services that lend themselves to being monitored passively include SNMP traps and security alerts. You never know how many (if any) traps or alerts you'll receive in a given time frame, so it's not feasible to just monitor their status every few minutes.
Passive checks are also used when configuring distributed or redundant monitoring installations.
Here's how passive checks work in more detail...
The processing of active and passive check results is essentially identical. This allows for seamless integration of status information from external applications with Yoopl.
External applications can submit passive service check results to Yoopl by writing a PROCESS_SERVICE_CHECK_RESULT external command to the external command file.
The format of the command is as follows:
[<timestamp>] PROCESS_SERVICE_CHECK_RESULT;<host_name>;<svc_description>;<return_code>;<plugin_output>
where...
timestamp is the time in time_t format (seconds since the UNIX epoch) that the service check was perfomed (or submitted). Please note the single space after the right bracket.host_name is the short name of the host associated with the service in the service definitionsvc_description is the description of the service as specified in the service definitionreturn_code is the return code of the check (0=OK, 1=WARNING, 2=CRITICAL, 3=UNKNOWN)plugin_output is the text output of the service check (i.e. the plugin output)Note: A service must be defined in Yoopl before you can submit passive check results for it! Yoopl will ignore all check results for services that had not been configured before.
External applications can submit passive host check results to Yoopl by writing a PROCESS_HOST_CHECK_RESULT external command to the external command file.
The format of the command is as follows:
[<timestamp>] PROCESS_HOST_CHECK_RESULT;<host_name>;<host_status>;<plugin_output>
where...
timestamp is the time in time_t format (seconds since the UNIX epoch) that the host check was perfomed (or submitted). Please note the single space after the right bracket.host_name is the short name of the host (as defined in the host definition)host_status is the status of the host (0=UP, 1=DOWN, 2=UNREACHABLE)plugin_output is the text output of the host checkNote: A host must be defined in Yoopl before you can submit passive check results for it! Yoopl will ignore all check results for hosts that had not been configured before.
Unlike with active host checks, Yoopl does not (by default) attempt to determine whether or host is DOWN or UNREACHABLE with passive checks. Rather, Yoopl takes the passive check result to be the actual state the host is in and doesn't try to determine the host's actual state using the reachability logic. This can cause problems if you are submitting passive checks from a remote host or you have a distributed monitoring setup where the parent/child host relationships are different.
You can tell Yoopl to translate DOWN/UNREACHABLE passive check result states to their "proper" state by using the translate_passive_host_checks variable. More information on how this works can be found here.
Note: Passive host checks are normally treated as HARD states, unless the
passive_host_checks_are_softoption is enabled.