1
0
mirror of https://github.com/ranl/monitor-utils.git synced 2024-12-22 13:33:43 +01:00

Update check-paloalto-A500.pl

In order for me to be able to check a little more stuff with your script I add some new check against my cluster of paloalto PA5050 

The modification that I made are 

model 
ha 
firmware 
TCP Sessions 
UDP Sessions 
UCMP Sessions 
Sessions
This commit is contained in:
dufourl 2014-06-04 12:18:33 +02:00
parent 02fdecba3e
commit 202e83cea6

View File

@ -10,46 +10,76 @@
### \_| \_|\__,_||_| |_|\_____/ ###
#####################################
#####################################
## Original version written by
## ran.leibman@gmail.com
## Additionial checks code written
## by laurent.dufour@havas.com
##
## the following parameters has
## been tested against a PA5050
##
## cpu|firmware|ha|model|
## sessions|udp_sessions|tcp_sessions
## |icmp_sessions
##
#####################################
#####################################
use strict;
use lib "/usr/lib/nagios/plugins/";
use Net::SNMP;
my $stat;
my $msg;
my $perf;
my $script_name = "check-paloalto-A500.pl";
my $script_version = 1.1;
### SNMP OIDs
###############
my $s_cpu_mgmt = '.1.3.6.1.2.1.25.3.3.1.2.1';
my $s_cpu_data = '.1.3.6.1.2.1.25.3.3.1.2.2';
my $s_firmware = '.1.3.6.1.2.1.25.3.3.1.2.2';
my $s_firmware_version = '.1.3.6.1.4.1.25461.2.1.2.1.1.0';
my $s_ha_mode = '.1.3.6.1.4.1.25461.2.1.2.1.13.0';
my $s_ha_local_state = '.1.3.6.1.4.1.25461.2.1.2.1.11.0';
my $s_ha_peer_state = '.1.3.6.1.4.1.25461.2.1.2.1.12.0';
my $s_pa_model = '.1.3.6.1.4.1.25461.2.1.2.2.1.0';
my $s_pa_max_sessions = '.1.3.6.1.4.1.25461.2.1.2.3.2.0';
my $s_pa_total_active_sessions = '.1.3.6.1.4.1.25461.2.1.2.3.3.0';
my $s_pa_total_tcp_active_sessions = '.1.3.6.1.4.1.25461.2.1.2.3.4.0';
my $s_pa_total_udp_active_sessions = '.1.3.6.1.4.1.25461.2.1.2.3.5.0';
my $s_pa_total_icmp_active_sessions = '.1.3.6.1.4.1.25461.2.1.2.3.6.0';
### Functions
###############
sub _create_session {
my ($server, $comm) = @_;
my $version = 1;
my ($sess, $err) = Net::SNMP->session( -hostname => $server, -version => $version, -community => $comm);
if (!defined($sess)) {
print "Can't create SNMP session to $server\n";
exit(1);
}
return $sess;
my ($server, $comm) = @_;
my $snmp_version = 2;
my ($sess, $err) = Net::SNMP->session( -hostname => $server, -version => $snmp_version, -community => $comm);
if (!defined($sess)) {
print "Can't create SNMP session to $server\n";
exit(1);
}
return $sess;
}
sub FSyntaxError {
print "Syntax Error !\n";
# print "$0 -H [ip|dnsname] -C [snmp community] -t [temp|fan|ps|cpu|mem|module|freeint] -w [warning value] -c [critical value] -d [days]\n";
print "$script_name\n";
print "-H = Ip/Dns Name of the FW\n";
print "-C = SNMP Community\n";
print "-t = Check type (currently only cpu)\n";
print "-w = Warning Value\n";
print "-c = Critical Value\n";
exit(3);
print "Syntax Error !\n";
# print "$0 -H [ip|dnsname] -C [snmp community] -t [temp|fan|ps|cpu|mem|module|freeint|firmware|ha|model|sessions|udp_sessions|tcp_sessions|icmp_sessions] -w [warning value] -c [critical value] -d [days]\n";
print "$script_name\n";
print "Version : $script_version\n";
print "-H = Ip/Dns Name of the FW\n";
print "-C = SNMP Community\n";
print "-t = Check type (currently only cpu/firmware/model/ha/sessions/icmp_sesions/tcp_sessions/udp_sessions)\n";
print "-w = Warning Value\n";
print "-c = Critical Value\n";
exit(3);
}
if($#ARGV != 9) {
FSyntaxError;
FSyntaxError;
}
### Gather input from user
@ -62,56 +92,193 @@ my $crit = 0;
my $int;
while(@ARGV) {
my $temp = shift(@ARGV);
if("$temp" eq '-H') {
$switch = shift(@ARGV);
} elsif("$temp" eq '-C') {
$community = shift(@ARGV);
} elsif("$temp" eq '-t') {
$check_type = shift(@ARGV);
} elsif("$temp" eq '-w') {
$warn = shift(@ARGV);
} elsif("$temp" eq '-c') {
$crit = shift(@ARGV);
} else {
FSyntaxError();
}
my $temp = shift(@ARGV);
if("$temp" eq '-H') {
$switch = shift(@ARGV);
} elsif("$temp" eq '-C') {
$community = shift(@ARGV);
} elsif("$temp" eq '-t') {
$check_type = shift(@ARGV);
} elsif("$temp" eq '-w') {
$warn = shift(@ARGV);
} elsif("$temp" eq '-c') {
$crit = shift(@ARGV);
} else {
FSyntaxError();
}
}
# Validate Warning
if($warn > $crit) {
print "Warning can't be larger then Critical: $warn > $crit\n";
FSyntaxError();
print "Warning can't be larger then Critical: $warn > $crit\n";
FSyntaxError();
}
# Establish SNMP Session
our $snmp_session = _create_session($switch,$community);
### model ###
if($check_type eq "model") {
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_pa_model]);
my $palo_model = "$R_firm->{$s_pa_model}";
$msg = "OK: Palo Alto $palo_model";
$perf="";
$stat = 0;
}
### HA MODE ###
elsif($check_type eq "ha") {
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_ha_mode]);
my $ha_mode = "$R_firm->{$s_ha_mode}";
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_ha_local_state]);
my $ha_local_state = "$R_firm->{$s_ha_local_state}";
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_ha_peer_state]);
my $ha_peer_state = "$R_firm->{$s_ha_peer_state}";
$msg = "OK: High Availablity Mode : $ha_mode - Local : $ha_local_state - Peer : $ha_peer_state\n";
$perf="";
$stat = 0;
}
### SESSIONS ###
elsif($check_type eq "sessions") {
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_pa_max_sessions]);
my $pa_max_sessions = "$R_firm->{$s_pa_max_sessions}";
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_pa_total_active_sessions]);
my $pa_total_active_sessions = "$R_firm->{$s_pa_total_active_sessions}";
$perf=" - Max Active Sessions : $pa_max_sessions";
if($pa_total_active_sessions > $crit ) {
$msg = "CRIT: Total Active Sessions : $pa_total_active_sessions".$perf;
$stat = 2;
} elsif($pa_total_active_sessions > $warn ) {
$msg = "WARN: Total Active Sessions : $pa_total_active_sessions".$perf;
$stat = 1;
} else {
$msg = "OK: Total Active Sessions : $pa_total_active_sessions".$perf;
$stat = 0;
}
$perf="";
}
### TCP SESSIONS ###
elsif($check_type eq "tcp_sessions") {
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_pa_total_tcp_active_sessions]);
my $pa_total_tcp_active_sessions = "$R_firm->{$s_pa_total_tcp_active_sessions}";
if($pa_total_tcp_active_sessions > $crit ) {
$msg = "CRIT: TCP Active Sessions : $pa_total_tcp_active_sessions";
$stat = 2;
} elsif($pa_total_tcp_active_sessions > $warn ) {
$msg = "WARN: TCP Active Sessions : $pa_total_tcp_active_sessions";
$stat = 1;
} else {
$msg = "OK: TCP Active Sessions : $pa_total_tcp_active_sessions";
$stat = 0;
}
$perf="";
}
### UDP SESSIONS ###
elsif($check_type eq "udp_sessions") {
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_pa_total_udp_active_sessions]);
my $pa_total_udp_active_sessions = "$R_firm->{$s_pa_total_udp_active_sessions}";
if($pa_total_udp_active_sessions > $crit ) {
$msg = "CRIT: UDP Active Sessions : $pa_total_udp_active_sessions";
$stat = 2;
} elsif($pa_total_udp_active_sessions > $warn ) {
$msg = "WARN: UDP Active Sessions : $pa_total_udp_active_sessions";
$stat = 1;
} else {
$msg = "OK: UDP Active Sessions : $pa_total_udp_active_sessions";
$stat = 0;
}
$perf="";
}
### ICMP SESSIONS ###
elsif($check_type eq "icmp_sessions") {
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_pa_total_icmp_active_sessions]);
my $pa_total_icmp_active_sessions = "$R_firm->{$s_pa_total_icmp_active_sessions}";
if($pa_total_icmp_active_sessions > $crit ) {
$msg = "CRIT: ICMP Active Sessions : $pa_total_icmp_active_sessions";
$stat = 2;
} elsif($pa_total_icmp_active_sessions > $warn ) {
$msg = "WARN: ICMP Active Sessions : $pa_total_icmp_active_sessions";
$stat = 1;
} else {
$msg = "OK: ICMP Active Sessions : $pa_total_icmp_active_sessions";
$stat = 0;
}
$perf="";
}
### firmware ###
elsif($check_type eq "firmware") {
my $R_firm = $snmp_session->get_request(-varbindlist => [$s_firmware_version]);
my $palo_os_ver = "$R_firm->{$s_firmware_version}";
$msg = "OK: Firmware $palo_os_ver";
$perf="";
$stat = 0;
}
### CPU ###
if($check_type eq "cpu") {
my $R_mgmt = $snmp_session->get_request(-varbindlist => [$s_cpu_mgmt]);
my $mgmt = "$R_mgmt->{$s_cpu_mgmt}";
my $R_data = $snmp_session->get_request(-varbindlist => [$s_cpu_data]);
my $data = "$R_data->{$s_cpu_data}";
if($mgmt > $crit or $data > $crit) {
$msg = "CRIT: Mgmt - $mgmt, Data - $data";
$stat = 2;
} elsif($mgmt > $warn or $data > $warn) {
$msg = "WARN: Mgmt - $mgmt, Data - $data";
$stat = 1;
} else {
$msg = "OK: Mgmt - $mgmt, Data - $data";
$stat = 0;
}
$perf = "mgmt=$mgmt;data=$data;$warn;$crit";
elsif($check_type eq "cpu") {
my $R_mgmt = $snmp_session->get_request(-varbindlist => [$s_cpu_mgmt]);
my $mgmt = "$R_mgmt->{$s_cpu_mgmt}";
my $R_data = $snmp_session->get_request(-varbindlist => [$s_cpu_data]);
my $data = "$R_data->{$s_cpu_data}";
if($mgmt > $crit or $data > $crit) {
$msg = "CRIT: Mgmt - $mgmt, Data - $data";
$stat = 2;
} elsif($mgmt > $warn or $data > $warn) {
$msg = "WARN: Mgmt - $mgmt, Data - $data";
$stat = 1;
} else {
$msg = "OK: Mgmt - $mgmt, Data - $data";
$stat = 0;
}
$perf = "mgmt=$mgmt;data=$data;$warn;$crit";
### Bad Syntax ###
} else {
FSyntaxError();
FSyntaxError();
}
if ($perf eq "") {
print "$msg\n";
} else {
print "$msg | $perf\n";
}
print "$msg | $perf\n";
exit($stat);