Nagios - Help with getting NRPE to work with check_fail2ban.sh

3 votes
0 answers
859 views
I am trying to monitor fail2ban with Nagios, so I found the following check via a Google search: http://nagios.fm4dd.com/plugins/manual/check_fail2ban.htm

I am trying to get the check to work on a remote host, but I am unable to get it to return accurate results. I am using Fail2ban v0.9.3 on CentOS 7, so I had to make one change to the script per the following link: https://exchange.nagios.org/directory/Plugins/Security/Firewall-Software/check_fail2ban/details#rev-3948

**NOTE:** *All output below is from the "Remote Server" and not my "Nagios Server".*

**The change I made (Line 108) is below:**

```
jail_list=$($fail2ban_client status|grep "list" |cut -d : -f 2 |tr -d ,)
```

**I already gave the Nagios user & NRPE permissions per the wiki:**

```
setfacl -m u:nagios:rwx /var/run/fail2ban/fail2ban.sock
```

**I am able to run the fail2ban-client & the script as both the Nagios & NRPE users:**

```
[root@localhost plugins]# sudo -u nrpe fail2ban-client status
Status
|- Number of jail: 2
`- Jail list: openvpn, sshd

[root@localhost plugins]# sudo -u nagios fail2ban-client status
Status
|- Number of jail: 2
`- Jail list: openvpn, sshd

[root@localhost etc]# sudo -u nagios /usr/lib64/nagios/plugins/check_fail2ban.sh -w 10 -c 20
OK: 1 banned IP(s) in 2 active jails|banned_IP=1;10;20;;
jail openvpn blocks 1 IP(s): 76.123.218.206
jail sshd blocks 0 IP(s):
| openvpn=1;;;; sshd=0;;;;

[root@localhost etc]# sudo -u nrpe /usr/lib64/nagios/plugins/check_fail2ban.sh -w 10 -c 20
OK: 1 banned IP(s) in 2 active jails|banned_IP=1;10;20;;
jail openvpn blocks 1 IP(s): 76.123.218.206
jail sshd blocks 0 IP(s):
| openvpn=1;;;; sshd=0;;;;
```

**Here is what I get when I run it locally:**

```
[root@localhost plugins]# ./check_fail2ban.sh -w 10 -c 20
OK: 1 banned IP(s) in 2 active jails|banned_IP=1;10;20;;
jail openvpn blocks 1 IP(s): 46.133.118.236
jail sshd blocks 0 IP(s):
| openvpn=1;;;; sshd=0;;;;
```

**Here is what I get when I run it locally with NRPE:**

```
[root@localhost plugins]# /usr/lib64/nagios/plugins/check_nrpe -t 60 -H 127.0.0.1 -p 5666 -c check_fail2ban -a 10 20
OK: 0 banned IP(s) in active jails|banned_IP=0;10;20;;
|
```

- *I get the same result when I run it on my Nagios Server*

**My command is defined in my nrpe.cfg:**

```
command[check_fail2ban]=/usr/lib64/nagios/plugins/check_fail2ban.sh -w $ARG1$ -c $ARG2$
```

**I tried some "debugging" by adding the following to my nrpe.cfg file:**

```
command[check_fail2ban]=whoami
command[check_fail2ban]=env
```

**"Debug" output:**

```
[root@localhost plugins]# /usr/lib64/nagios/plugins/check_nrpe -t 60 -H 127.0.0.1 -p 5666 -c check_fail2ban -a 10 20
SHELL=/sbin/nologin
NRPE_PROGRAMVERSION=2.15
USER=nrpe
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
PWD=/
LANG=en_US.UTF-8
SHLVL=1
HOME=/var/run/nrpe
LOGNAME=nrpe
NRPE_SSL_OPT=
NRPE_MULTILINESUPPORT=1
_=/usr/bin/env
```

**I tried additional debugging by setting NRPE to debug=1. Here is the output when I run the command from my Nagios Server.**

```
Sep 27 12:36:46 localhost nrpe: Connection from 192.168.1.200 port 61853
Sep 27 12:36:46 localhost nrpe: Host address is in allowed_hosts
Sep 27 12:36:46 localhost nrpe: Handling the connection...
Sep 27 12:36:46 localhost nrpe: Host is asking for command 'check_fail2ban' to be run...
Sep 27 12:36:46 localhost nrpe: Running command: usr/lib64/nagios/plugins/check_fail2ban.sh -w 10 -c 20
Sep 27 12:36:46 localhost nrpe: Command completed with return code 0 and output: OK: 0 banned IP(s) in active jails|banned_IP=0;10;20;;#012|
Sep 27 12:36:46 localhost nrpe: Return Code: 0, Output: OK: 0 banned IP(s) in active jails|banned_IP=0;10;20;;#012|
Sep 27 12:36:46 localhost nrpe: Connection from `bYj closed.
```

- *I get the same thing when I run it locally from the server with check_nrpe.*

It looks like NRPE may not be capturing all of the output from the script?

Please forgive me if this is something stupid that I've missed, as I am a Windows user who does very little on Linux.

Any help is greatly appreciated!
----------

***EDIT TO ANSWERS***

User4556274, I think it is enabled. Here is the output from that command:

```
[root@localhost etc]# ls -Z /usr/lib64/nagios/plugins
-rwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 check_apc
-rwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 check_asterisk_pri.php
-rwxr-xr-x. root root system_u:object_r:nagios_checkdisk_plugin_exec_t:s0 check_disk
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_fail2ban.old
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_fail2ban.sh
-rwxr-xr-x. root root system_u:object_r:nagios_system_plugin_exec_t:s0 check_load
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_mem.pl
-rwxr-xr-x. root root system_u:object_r:nagios_services_plugin_exec_t:s0 check_nrpe
-rwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 check_openmanage
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_openvpn.php
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_openvpn_user_list
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_openvpn_user_status
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_openvpn_user_traffic
-rwxr-xr-x. root root unconfined_u:object_r:lib_t:s0 check_ping
-rwxr-xr-x. root root system_u:object_r:nagios_system_plugin_exec_t:s0 check_procs
-rwxr-xr-x. root root system_u:object_r:nagios_system_plugin_exec_t:s0 check_swap
-rwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 check_swraid.py
-rwxr-xr-x. root root unconfined_u:object_r:usr_t:s0 check_swraid.sh
-rwxr-xr-x. root root system_u:object_r:nagios_system_plugin_exec_t:s0 check_users
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 negate
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 urlize
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 utils.sh
```

Asked by TB. (31 rep)
Sep 27, 2016, 05:13 PM
Last activity: Sep 27, 2016, 05:42 PM
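
Added example (not part of the original post or of check_fail2ban.sh): the NRPE result quoted in the question reports OK with no jail count, which is consistent with the line-108 pipeline receiving no `Jail list` line. The code below wraps that same pipeline so that a failed or empty `fail2ban-client status` returns Nagios UNKNOWN (3) instead of OK; the function names `parse_jails` and `check_jails` and the sample inputs are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of check_fail2ban.sh. Sample inputs are constructed
# from the outputs quoted in the post.

# Same pipeline as the modified line 108, reading status text from stdin.
parse_jails() {
    grep "list" | cut -d : -f 2 | tr -d ,
}

# check_jails STATUS_TEXT CLIENT_RC
# Prints one Nagios status line and returns the plugin state:
# 0 = OK, 3 = UNKNOWN (the client failed or no jail list could be parsed).
check_jails() {
    cj_text=$1
    cj_rc=$2
    if [ "$cj_rc" -ne 0 ]; then
        echo "UNKNOWN: fail2ban-client exited with status $cj_rc"
        return 3
    fi
    cj_jails=$(printf '%s\n' "$cj_text" | parse_jails)
    # Word-split the jail names so they can be counted.
    set -- $cj_jails
    if [ "$#" -eq 0 ]; then
        echo "UNKNOWN: no jail list in fail2ban-client output"
        return 3
    fi
    echo "OK: $# active jails: $*"
    return 0
}

# Constructed sample: the status output shown in the post.
SAMPLE_OK='Status
|- Number of jail: 2
`- Jail list: openvpn, sshd'

# Constructed sample: the client printed nothing usable.
SAMPLE_EMPTY=''

check_jails "$SAMPLE_OK" 0 || echo "state: $?"
check_jails "$SAMPLE_EMPTY" 0 || echo "state: $?"
check_jails "" 255 || echo "state: $?"

# Against a live host (assumes fail2ban-client is on PATH):
#   status=$(fail2ban-client status 2>/dev/null); check_jails "$status" $?
```

With this guard, a check that cannot read the jail list shows up in Nagios as UNKNOWN rather than as a healthy service with zero bans.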