Nagios Core is the boring, reliable monitoring tool that has watched datacenter floors since 1999 and still owns a comfortable share of small-to-medium sysadmin shops in 2026. Running it as a virtual machine on Hyper-V (Windows Server or Windows 11 Pro with the Hyper-V role) gives you a free monitoring server, snapshots, easy backup, and isolation from the hosts being monitored. This guide walks through the complete setup: provision the VM in Hyper-V Manager, install Nagios Core on Ubuntu 24.04 inside it, configure probes for HTTP / SSH / MySQL / disk usage, wire mail and Telegram alerts, and bake in the routine maintenance habits that keep monitoring honest. Plan two to three hours for the full install on a fresh VM; subsequent additions of probed hosts take five to ten minutes each.
Contents
- Why Nagios + Hyper-V in 2026
- Step 1: Create the Nagios VM in Hyper-V
- Step 2: Install Ubuntu 24.04 LTS and harden it
- Step 3: Install Nagios Core 4.5
- Step 4: Configure your first host and probes
- Step 5: Mail alerts (SMTP via msmtp)
- Step 6: Telegram alerts via bot webhook
- Step 7: Custom dashboard and views
- Step 8: Snapshot and routine maintenance
- FAQ
Why Nagios + Hyper-V in 2026
Three reasons keep Nagios relevant despite a crowded monitoring market. The plugin ecosystem (over 5,000 community checks in monitoring-plugins) covers practically every workload a small or medium ops team will encounter. The data model is opinionated: hosts have states (UP / DOWN / UNREACHABLE), services have states (OK / WARNING / CRITICAL / UNKNOWN), and that’s it. You can reason about the system in your head, which becomes priceless during a 3 am incident. Configuration is plain text files versioned in git, with no proprietary database. Nothing magic, nothing surprising.
Running Nagios as a Hyper-V guest gives you what self-hosted monitoring needs: snapshots before every config change so a typo never takes down the watcher itself, backup-friendly VHDX files that fit a normal Windows backup workflow, and isolation from the production hosts (you do not want monitoring to share fate with the things it monitors). Hyper-V is free with any Windows Pro or Server license that already runs on your network.
Create the Nagios VM in Hyper-V
Open Hyper-V Manager (Windows + R, type virtmgmt.msc). Right-click your server in the left pane, then New > Virtual Machine.
Recommended specs for a fresh Nagios VM monitoring up to 50 hosts:
- Generation 2 (UEFI, Secure Boot). Required for modern Ubuntu boot.
- 2 vCPU, 4 GB RAM (dynamic, min 2 GB / max 6 GB).
- 30 GB VHDX dynamic disk on a fast volume (Nagios is I/O light but log retention adds up).
- External virtual switch bound to your management LAN (the VM needs to reach probed hosts).
- Set the VM’s MAC address to static if your DHCP uses MAC reservations.
In the VM settings, under Security, set Microsoft UEFI Certificate Authority as the secure boot template (matches Ubuntu’s signed bootloader). Under Integration Services, enable all (especially “Time synchronization” and “Heartbeat”) so the VM stays clock-aligned with the host.
Install Ubuntu 24.04 LTS and harden it
Mount the Ubuntu 24.04 LTS server ISO (download from ubuntu.com). Boot the VM, follow the installer with these choices: minimal install, no LVM, OpenSSH selected, no other snaps. After install, log in and run the standard hardening pass:
sudo apt update sudo apt upgrade -y sudo apt install -y ufw fail2ban unattended-upgrades # Open SSH and (later) Nagios web UI sudo ufw allow OpenSSH sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw enable # Set hostname for clarity sudo hostnamectl set-hostname nagios-01
If you want the full hardening procedure (SSH key-only, AppArmor enforce, auditd, etc.), follow our Ubuntu 24.04 hardening checklist. A monitoring server is a juicy target — harden it before pointing it at production.
/etc/netplan/00-installer-config.yaml to set a static IP. A monitoring server with a DHCP-changing address will cause hours of “why are the probes failing?” debugging.Install Nagios Core 4.5
Ubuntu 24.04 ships Nagios 4.4 in apt; the 4.5.x line has notable bug fixes. The cleanest approach in 2026 is to compile from the official tarball.
# Build dependencies sudo apt install -y autoconf gcc libc6 make wget unzip apache2 apache2-utils \ php libapache2-mod-php libgd-dev libssl-dev libmcrypt-dev bc gawk dc build-essential # Create the nagios user/group sudo useradd nagios sudo groupadd nagcmd sudo usermod -aG nagcmd nagios sudo usermod -aG nagcmd www-data # Download and extract Nagios Core 4.5.x cd /tmp wget https://github.com/NagiosEnterprises/nagioscore/releases/download/nagios-4.5.9/nagios-4.5.9.tar.gz tar xzf nagios-4.5.9.tar.gz cd nagios-4.5.9 ./configure --with-command-group=nagcmd sudo make all sudo make install sudo make install-init sudo make install-config sudo make install-commandmode sudo make install-webconf # Install the standard plugins cd /tmp wget https://nagios-plugins.org/download/nagios-plugins-2.4.12.tar.gz tar xzf nagios-plugins-2.4.12.tar.gz cd nagios-plugins-2.4.12 ./configure --with-nagios-user=nagios --with-nagios-group=nagios sudo make sudo make install
Set the web UI password and start the service:
sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin # Enter a strong password when prompted sudo systemctl enable nagios apache2 sudo systemctl start nagios apache2 sudo a2enmod cgi rewrite sudo systemctl reload apache2
Open http://nagios-01.local/nagios (or the IP) in your browser. You should see the Nagios login page. Log in with nagiosadmin and the password you just set.
Configure your first host and probes
Nagios reads its config from /usr/local/nagios/etc/objects/. Create a host file per monitored target.
sudo mkdir -p /usr/local/nagios/etc/servers sudo nano /usr/local/nagios/etc/nagios.cfg # Add this line: cfg_dir=/usr/local/nagios/etc/servers
Example host file at /usr/local/nagios/etc/servers/web01.cfg:
define host {
use linux-server
host_name web01
alias Production web server
address 10.0.0.10
max_check_attempts 5
check_period 24x7
contact_groups admins
}
define service {
use generic-service
host_name web01
service_description HTTPS
check_command check_http!--ssl -H peoplearegeek.com
}
define service {
use generic-service
host_name web01
service_description SSH
check_command check_ssh
}
define service {
use generic-service
host_name web01
service_description Disk root partition
check_command check_disk!20%!10%!/
}
define service {
use generic-service
host_name web01
service_description MySQL port
check_command check_tcp!3306
}
For deeper checks on remote Linux hosts (CPU, memory, disk per partition, specific processes), install NRPE on each target then point Nagios at it:
# On the monitored host sudo apt install -y nagios-nrpe-server monitoring-plugins # Add nagios-01 IP to allowed_hosts in /etc/nagios/nrpe.cfg sudo systemctl restart nagios-nrpe-server
Verify the config and reload Nagios:
sudo /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg # Should print "Things look okay - No serious problems were detected" sudo systemctl reload nagios
Mail alerts (SMTP via msmtp)
Nagios calls /usr/bin/mail when it needs to alert. The easiest sane setup in 2026 is msmtp as a sendmail replacement, configured to relay through an SMTP server (your hosting provider, SendGrid, AWS SES, or your own postfix).
sudo apt install -y msmtp msmtp-mta mailutils # Edit /etc/msmtprc sudo nano /etc/msmtprc
defaults auth on tls on tls_starttls on logfile /var/log/msmtp.log account default host smtp.your-provider.com port 587 from nagios@yourdomain.com user nagios@yourdomain.com password your-smtp-app-password
Set permissions and test:
sudo chmod 600 /etc/msmtprc echo "Test from nagios" | mail -s "Nagios test" you@yourdomain.com # You should receive the email in less than a minute
By default, Nagios already calls notify-host-by-email and notify-service-by-email commands defined in /usr/local/nagios/etc/objects/commands.cfg. Update the contact email address in /usr/local/nagios/etc/objects/contacts.cfg to your real one, reload Nagios, trigger a test alert (stop a probed service briefly), and confirm the email arrives.
Telegram alerts via bot webhook
Mail is for the record; Telegram is for “you need to look at this now”. Five minutes to wire it up.
Create a bot via @BotFather on Telegram, save the token. Send /start to your new bot from your account, then visit https://api.telegram.org/bot<TOKEN>/getUpdates in a browser to find your chat_id.
Create the notification script /usr/local/nagios/libexec/notify-telegram.sh:
#!/bin/bash
TOKEN="123456:ABC-DEF..."
CHAT_ID="987654321"
MESSAGE="*[$1]* $2: $3
Host: \`$4\`
Service: \`$5\`
State: $6 ($7)
$8"
curl -s -X POST "https://api.telegram.org/bot${TOKEN}/sendMessage" \
-d "chat_id=${CHAT_ID}" \
-d "parse_mode=Markdown" \
-d "text=${MESSAGE}"
sudo chmod +x /usr/local/nagios/libexec/notify-telegram.sh sudo chown nagios:nagios /usr/local/nagios/libexec/notify-telegram.sh
Register the command and attach to your admin contact:
# /usr/local/nagios/etc/objects/commands.cfg - append:
define command {
command_name notify-by-telegram
command_line /usr/local/nagios/libexec/notify-telegram.sh \
"$NOTIFICATIONTYPE$" "$HOSTSTATE$" "$SERVICESTATE$" \
"$HOSTNAME$" "$SERVICEDESC$" "$SERVICESTATE$" \
"$SERVICESTATEID$" "$SERVICEOUTPUT$"
}
# /usr/local/nagios/etc/objects/contacts.cfg - add to the contact block:
service_notification_commands notify-service-by-email,notify-by-telegram
host_notification_commands notify-host-by-email,notify-by-telegram
Reload Nagios and force a test by stopping a probed service. The Telegram message lands within seconds.
Custom dashboard and views
The default Nagios UI is functional but visually dated. Two community projects modernise it without touching the core:
- Thruk (thruk.org): a Perl-based replacement frontend that consumes the same Nagios config. Better filtering, business-hour reporting, mobile-friendly.
sudo apt install thruk. - NagVis: visual map plugin that overlays host status on a network diagram or a building floor plan. Useful when stakeholders want a “green / red lights” view instead of a status grid.
Both can run side-by-side with the stock Nagios CGI UI; pick whichever your team finds easier on the eyes.
Snapshot and routine maintenance
Take a Hyper-V checkpoint (right-click VM > Checkpoint) now that the install is clean. This is your rollback point if a config change later goes wrong. Repeat after every significant config change.
Routine maintenance cadence:
- Weekly: glance at
/var/log/nagios.logfor repeated transient warnings (often signal flapping that needs flapping detection thresholds adjusted). - Monthly: run
sudo apt upgradeon the Nagios VM, take a checkpoint before, restart Nagios after. - Quarterly: audit the host list — every monitored host should still exist, every existing host should be monitored. Drift here is the silent killer of monitoring usefulness.
- Yearly: review and tighten the alert thresholds. New WARNING / CRITICAL levels based on the last 12 months of operating data give better signal than the defaults.
Need to monitor without a server?
SecurityWatch is a browser-side monitor that watches uptime, TLS certificates, HTTP headers and drift on a list of sites with localStorage watchlist and webhook alerts. Complementary to Nagios for the public-facing layer.
Common pitfalls and how to avoid them
- Alert fatigue. If your team starts ignoring Nagios emails, the threshold is too sensitive. Raise the WARNING level until alerts mean “human attention needed” rather than “Nagios talks again”.
- Probed host firewalls. A probed host with a firewall blocking the Nagios server IP looks DOWN;
sudo ufw allow from 10.0.0.5on the host (where 10.0.0.5 is the Nagios IP) is often the missing piece. - Time drift between hosts. If Nagios and the probed hosts disagree on time, log correlation breaks and SSL probes fail intermittently. Verify NTP on every host (
timedatectl status). - Forgetting to monitor Nagios itself. Add a check from a second machine (a cheap VPS, your laptop) to verify the Nagios web UI responds. “Who watches the watchers” is not a joke when the watcher is silent because the watcher itself crashed.
FAQ
Why Nagios in 2026 instead of Zabbix or Prometheus?
Use Nagios when you want a simple, time-tested tool that an on-call engineer can debug at 3 am without consulting documentation. Use Zabbix when you need built-in time-series graphing, native templating and a database-backed config UI. Use Prometheus + Grafana when you have a microservices stack with native metric endpoints and want long-term trending. All three are valid choices for different organisations; the worst choice is to not monitor at all.
Can I run Nagios in WSL2 instead of a Hyper-V VM?
Technically yes, but not recommended for production monitoring. WSL2 shuts down when you log out of the Windows session, which kills monitoring. A proper Hyper-V VM runs whether you are signed in or not. Reserve WSL2 for development or learning the install procedure.
How many hosts can a single Nagios VM monitor?
With 2 vCPU and 4 GB RAM, the configuration we deployed comfortably handles 100-200 hosts and 1,000-2,000 services. Past that, look at NDOUtils for performance optimisation or scale horizontally with multiple Nagios instances and Thruk as the federated frontend.
Can I monitor Windows hosts from Nagios?
Yes. Install NSClient++ on each Windows host (free, MSI installer), open port 5666 from the Nagios server, and use the check_nt or check_nrpe commands. Standard checks: CPU load, memory usage, disk free, service status, event log entries, scheduled task state.
Should I use Nagios XI (the paid version)?
Nagios XI adds a config UI, dashboards, reporting and commercial support to Nagios Core. Worth the licence cost if your team prefers a web GUI over editing text files, or if you need vendor support contractually. For small teams comfortable with files-in-git, Core + Thruk is feature-complete.
How do I back up the Nagios config?
Put /usr/local/nagios/etc/ in a git repository. Commit before every change. Push to a remote. That gives you point-in-time rollback for a single file plus a complete history. Combine with the Hyper-V checkpoints for a layered restore strategy (file-level via git, VM-level via Hyper-V).
