1
0
mirror of https://github.com/opinkerfi/nagios-plugins.git synced 2024-11-14 06:23:46 +01:00

Compare commits

...

12 Commits

Author SHA1 Message Date
Guðvarður Ólafsson
ffbdd754d4
Create readme.md 2022-01-04 13:20:15 +00:00
Garðar Þorsteinsson
0440124d3a
Merge pull request #45 from monitoreoDotOsiAtUchileDotCl/master
:D
2020-10-28 16:34:34 +00:00
monitoreoDotOsiAtUchileDotCl
36582886c9 warn/crit threshold 4 connRate, warning/crit output improvement 2020-10-28 12:24:56 -03:00
monitoreoDotOsiAtUchileDotCl
21c7874418 warn/crit threshold 4 connRate, warning/crit output improvement 2020-10-28 12:17:15 -03:00
Garðar Þorsteinsson
6b12d2414a
Merge pull request #44 from monitoreoDotOsiAtUchileDotCl/master
warn/crit threshold 4 connRate
2020-10-26 21:34:49 +00:00
monitoreoDotOsiAtUchileDotCl
ac1f45311e warn/crit threshold 4 connRate 2020-10-26 17:46:39 -03:00
Garðar Þorsteinsson
be3ea24fd8
Merge pull request #43 from monitoreoDotOsiAtUchileDotCl/master
some improvements
2020-10-22 15:34:40 +00:00
monitoreoDotOsiAtUchileDotCl
1f9e1444cc another minor change, libexec path 2020-10-22 10:37:42 -03:00
monitoreoDotOsiAtUchileDotCl
bdb3233198 minor changes ,using spaces instead of tabs 2020-10-22 10:32:57 -03:00
monitoreoDotOsiAtUchileDotCl
f22a7d8fb8 patch 1.2.1a 2020-10-22 10:27:34 -03:00
Garðar Þorsteinsson
6c12036e30
Update releasers.conf 2020-09-14 12:31:11 +00:00
Your Name
8aed467ab0 Automatic commit of package [nagios-okplugin-check_xroad_token] release [1.2-1]. 2020-09-14 11:51:06 +00:00
5 changed files with 225 additions and 157 deletions

355
check_snmp/check_snmp_cpfw.pl Normal file → Executable file
View File

@ -5,6 +5,9 @@
# Author : Patrick Proy (patrick at proy.org) # Author : Patrick Proy (patrick at proy.org)
# Help : http://nagios.manubulon.com # Help : http://nagios.manubulon.com
# Licence : GPL - http://www.fsf.org/licenses/gpl.txt # Licence : GPL - http://www.fsf.org/licenses/gpl.txt
# Patch 1.2.1c
# Author : monitoreo.osi@uchile.cl
# Desc: warn/crit threshold to conns/seg check
# TODO : # TODO :
# - check sync method # - check sync method
################################################################# #################################################################
@ -19,6 +22,7 @@ use Getopt::Long;
# Nagios specific # Nagios specific
use lib "/usr/local/nagios/libexec"; use lib "/usr/local/nagios/libexec";
#use lib "/usr/lib/nagios/plugins"; # use in ubugtu
use utils qw(%ERRORS $TIMEOUT); use utils qw(%ERRORS $TIMEOUT);
#my $TIMEOUT = 15; #my $TIMEOUT = 15;
#my %ERRORS=('OK'=>0,'WARNING'=>1,'CRITICAL'=>2,'UNKNOWN'=>3,'DEPENDENT'=>4); #my %ERRORS=('OK'=>0,'WARNING'=>1,'CRITICAL'=>2,'UNKNOWN'=>3,'DEPENDENT'=>4);
@ -26,87 +30,90 @@ use utils qw(%ERRORS $TIMEOUT);
########### SNMP Datas ########### ########### SNMP Datas ###########
###### FW data ###### FW data
my $policy_state = "1.3.6.1.4.1.2620.1.1.1.0"; # "Installed" my $policy_state = "1.3.6.1.4.1.2620.1.1.1.0"; # Installed
my $policy_name = "1.3.6.1.4.1.2620.1.1.2.0"; # Installed policy name my $policy_name = "1.3.6.1.4.1.2620.1.1.2.0"; # Installed policy name
my $connections = "1.3.6.1.4.1.2620.1.1.25.3.0"; # number of connections my $connections = "1.3.6.1.4.1.2620.1.1.25.3.0"; # Number of connections
#my $connections_peak = "1.3.6.1.4.1.2620.1.1.25.4.0"; # peak number of connections my $connectionsSR = "1.3.6.1.4.1.2620.1.1.26.11.6.0" ; # FwConnectionsStatConnectionRate aka connx/seg
my @fw_checks = ($policy_state,$policy_name,$connections); my $connectionsPeak = "1.3.6.1.4.1.2620.1.1.25.4.0"; # Peak number of connections
my @fw_checks = ($policy_state,$policy_name,$connections,$connectionsSR,$connectionsPeak);
###### SVN data ###### SVN data
my $svn_status = "1.3.6.1.4.1.2620.1.6.102.0"; # "OK" svn status my $svn_status = "1.3.6.1.4.1.2620.1.6.102.0"; # "OK" svn status
my %svn_checks = ($svn_status,"OK"); my %svn_checks = ($svn_status,"OK");
my %svn_checks_n = ($svn_status,"SVN status"); my %svn_checks_n = ($svn_status,"SVN status");
my @svn_checks_oid = ($svn_status); my @svn_checks_oid = ($svn_status);
###### HA data ###### HA data
my $ha_active = "1.3.6.1.4.1.2620.1.5.5.0"; # "yes" my $ha_active = "1.3.6.1.4.1.2620.1.5.5.0"; # "yes"
my $ha_state = "1.3.6.1.4.1.2620.1.5.6.0"; # "active" / "standby" my $ha_state = "1.3.6.1.4.1.2620.1.5.6.0"; # "active" / "standby"
my $ha_block_state = "1.3.6.1.4.1.2620.1.5.7.0"; #"OK" : ha blocking state my $ha_status = "1.3.6.1.4.1.2620.1.5.102.0"; # "OK" : ha status
my $ha_status = "1.3.6.1.4.1.2620.1.5.102.0"; # "OK" : ha status my $ha_block_state = "1.3.6.1.4.1.2620.1.5.7.0"; # "OK" : ha blocking state
my %ha_checks =( $ha_active,"yes",$ha_state,"active",$ha_block_state,"OK",$ha_status,"OK"); my %ha_checks =( $ha_active,"yes",$ha_state,"active",$ha_block_state,"OK",$ha_status,"OK");
my %ha_checks_stand =( $ha_active,"yes",$ha_state,"standby",$ha_block_state,"OK",$ha_status,"OK"); my %ha_checks_stand =( $ha_active,"yes",$ha_state,"standby",$ha_block_state,"OK",$ha_status,"OK");
my %ha_checks_n =( $ha_active,"HA active",$ha_state,"HA state",$ha_block_state,"HA block state",$ha_status,"ha_status"); my %ha_checks_n =( $ha_active,"HA active",$ha_state,"HA state",$ha_block_state,"HA block state",$ha_status,"ha_status");
my @ha_checks_oid =( $ha_active,$ha_state,$ha_block_state,$ha_status); my @ha_checks_oid =( $ha_active,$ha_state,$ha_block_state,$ha_status);
my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only"/"High Availability (Active Up)" : ha Working mode my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only"/"High Availability (Active Up)" : ha Working mode
my $ha_tables = "1.3.6.1.4.1.2620.1.5.13.1"; # ha status table
my $ha_tables_index = ".1";
my $ha_tables_name = ".2";
my $ha_tables_state = ".3"; # "OK"
my $ha_tables_prbdesc = ".6"; # Description if state is != "OK"
my $ha_tables = "1.3.6.1.4.1.2620.1.5.13.1"; # ha status table #my @ha_table_check = ("Synchronization","Filter","cphad","fwd"); # process to check
my $ha_tables_index = ".1";
my $ha_tables_name = ".2";
my $ha_tables_state = ".3"; # "OK"
my $ha_tables_prbdesc = ".6"; # Description if state is != "OK"
#my @ha_table_check = ("Synchronization","Filter","cphad","fwd"); # process to check
####### MGMT data ####### MGMT data
my $mgmt_status = "1.3.6.1.4.1.2620.1.7.5.0"; # "active" : management status my $mgmt_status = "1.3.6.1.4.1.2620.1.7.5.0"; # "active" : management status
my $mgmt_alive = "1.3.6.1.4.1.2620.1.7.6.0"; # 1 : management is alive if 1 my $mgmt_alive = "1.3.6.1.4.1.2620.1.7.6.0"; # 1 : management is alive if 1
my $mgmt_stat_desc = "1.3.6.1.4.1.2620.1.7.102.0"; # Management status description my $mgmt_stat_desc = "1.3.6.1.4.1.2620.1.7.102.0"; # Management status description
my $mgmt_stats_desc_l = "1.3.6.1.4.1.2620.1.7.103.0"; # Management status long description my $mgmt_stats_desc_l = "1.3.6.1.4.1.2620.1.7.103.0"; # Management status long description
my %mgmt_checks = ($mgmt_status,"active",$mgmt_alive,"1"); my %mgmt_checks = ($mgmt_status,"active",$mgmt_alive,"1");
my %mgmt_checks_n = ($mgmt_status,"Mgmt status",$mgmt_alive,"Mgmt alive"); my %mgmt_checks_n = ($mgmt_status,"Mgmt status",$mgmt_alive,"Mgmt alive");
my @mgmt_checks_oid = ($mgmt_status,$mgmt_alive); my @mgmt_checks_oid = ($mgmt_status,$mgmt_alive);
#################################### Globals ##############################"" #################################### Globals ##############################""
my $Version='1.2.1'; my $Version='1.2.1b';
my $o_host = undef; # hostname my $o_host = undef; # hostname
my $o_community = undef; # community my $o_community = undef; # community
my $o_version2 =undef; # Version 2 my $o_version2 = undef; # Version 2
my $o_port = 161; # port my $o_port = 161; # port
my $o_help= undef; # wan't some help ? my $o_help= undef; # wan't some help ?
my $o_verb= undef; # verbose mode my $o_verb= undef; # verbose mode
my $o_version= undef; # print version my $o_version= undef; # print version
my $o_timeout= 5; # Default 5s Timeout my $o_timeout= 5; # Default 5s Timeout
my $o_warn= undef; # Warning for connections my $o_warn= undef; # Warning for connections
my $o_crit= undef; # Crit for connections my $o_crit= undef; # Crit for connections
my $o_svn= undef; # Check for SVN status my $o_warnSR= undef; # Warning for connectionsSR
my $o_fw= undef; # Check for FW status my $o_critSR= undef; # Crit for connectionsSR
my $o_ha= undef; # Check for HA status my $o_svn= undef; # Check for SVN status
my $o_mgmt= undef; # Check for management status my $o_fw= undef; # Check for FW status
my $o_policy= undef; # Check for policy name my $o_ha= undef; # Check for HA status
my $o_conn= undef; # Check for connexions my $o_mgmt= undef; # Check for management status
my $o_perf= undef; # Performance data output my $o_policy= undef; # Check for policy name
my $o_conn= undef; # Check for connexions
my $o_connSR= undef; # Check for connexionsSR
my $o_perf= undef; # Performance data output
# SNMPv3 specific # SNMPv3 specific
my $o_login= undef; # Login for snmpv3 my $o_login= undef; # Login for snmpv3
my $o_passwd= undef; # Pass for snmpv3 my $o_passwd= undef; # Pass for snmpv3
my $v3protocols=undef; # V3 protocol list. my $v3protocols=undef; # V3 protocol list.
my $o_authproto='md5'; # Auth protocol my $o_authproto='md5'; # Auth protocol
my $o_privproto='des'; # Priv protocol my $o_privproto='des'; # Priv protocol
my $o_privpass= undef; # priv password my $o_privpass= undef; # priv password
# functions # functions
sub p_version { print "check_snmp_cpfw version : $Version\n"; } sub p_version { print "check_snmp_cpfw version : $Version\n"; }
sub print_usage { sub print_usage {
print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n"; print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-r=warn,crit]] [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n";
} }
sub isnnum { # Return true if arg is not a number sub isnnum { # Return true if arg is not a number
@ -117,7 +124,7 @@ sub isnnum { # Return true if arg is not a number
sub help { sub help {
print "\nSNMP Checkpoint FW-1 Monitor for Nagios version ",$Version,"\n"; print "\nSNMP Checkpoint FW-1 Monitor for Nagios version ",$Version,"\n";
print "GPL Licence, (c)2004-2007 - Patrick Proy\n\n"; print "GPL Licence, (c)2004-2020 - Patrick Proy\n\n";
print_usage(); print_usage();
print <<EOT; print <<EOT;
-v, --verbose -v, --verbose
@ -157,6 +164,8 @@ sub help {
SNMP port (Default 161) SNMP port (Default 161)
-t, --timeout=INTEGER -t, --timeout=INTEGER
timeout for SNMP (Default: Nagios default) timeout for SNMP (Default: Nagios default)
-r, --connexionsSR=WARN,CRIT
check warn and critical number of connexionsSR (must have -w)
-V, --version -V, --version
prints version number prints version number
EOT EOT
@ -168,69 +177,81 @@ sub verb { my $t=shift; print $t,"\n" if defined($o_verb) ; }
sub check_options { sub check_options {
Getopt::Long::Configure ("bundling"); Getopt::Long::Configure ("bundling");
GetOptions( GetOptions(
'v' => \$o_verb, 'verbose' => \$o_verb, 'v' => \$o_verb, 'verbose' => \$o_verb,
'h' => \$o_help, 'help' => \$o_help, 'h' => \$o_help, 'help' => \$o_help,
'H:s' => \$o_host, 'hostname:s' => \$o_host, 'H:s' => \$o_host, 'hostname:s' => \$o_host,
'P:i' => \$o_port, 'port:i' => \$o_port, 'P:i' => \$o_port, 'port:i' => \$o_port,
'C:s' => \$o_community, 'community:s' => \$o_community, 'C:s' => \$o_community, 'community:s' => \$o_community,
'2' => \$o_version2, 'v2c' => \$o_version2, '2' => \$o_version2, 'v2c' => \$o_version2,
'l:s' => \$o_login, 'login:s' => \$o_login, 'l:s' => \$o_login, 'login:s' => \$o_login,
'x:s' => \$o_passwd, 'passwd:s' => \$o_passwd, 'x:s' => \$o_passwd, 'passwd:s' => \$o_passwd,
'X:s' => \$o_privpass, 'privpass:s' => \$o_privpass, 'X:s' => \$o_privpass, 'privpass:s' => \$o_privpass,
'L:s' => \$v3protocols, 'protocols:s' => \$v3protocols, 'L:s' => \$v3protocols, 'protocols:s' => \$v3protocols,
't:i' => \$o_timeout, 'timeout:i' => \$o_timeout, 't:i' => \$o_timeout, 'timeout:i' => \$o_timeout,
'V' => \$o_version, 'version' => \$o_version, 'V' => \$o_version, 'version' => \$o_version,
's' => \$o_svn, 'svn' => \$o_svn, 's' => \$o_svn, 'svn' => \$o_svn,
'w' => \$o_fw, 'fw' => \$o_fw, 'w' => \$o_fw, 'fw' => \$o_fw,
'a:s' => \$o_ha, 'ha:s' => \$o_ha, 'a:s' => \$o_ha, 'ha:s' => \$o_ha,
'm' => \$o_mgmt, 'mgmt' => \$o_mgmt, 'm' => \$o_mgmt, 'mgmt' => \$o_mgmt,
'p:s' => \$o_policy, 'policy:s' => \$o_policy, 'p:s' => \$o_policy, 'policy:s' => \$o_policy,
'c:s' => \$o_conn, 'connexions:s' => \$o_conn, 'c:s' => \$o_conn, 'connexions:s' => \$o_conn,
'f' => \$o_perf, 'perfparse' => \$o_perf 'r:s' => \$o_connSR, 'rate:s' => \$o_connSR,
); 'f' => \$o_perf, 'perfparse' => \$o_perf
);
if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}}; if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}}; if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
if ( ! defined($o_host) ) # check host and filter if ( ! defined($o_host) ) # check host and filter
{ print_usage(); exit $ERRORS{"UNKNOWN"}} { print_usage(); exit $ERRORS{"UNKNOWN"}}
# check snmp information # check snmp information
if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) ) if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
{ print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) ) if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
{ print "Can't mix snmp v1,2c,3 protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Can't mix snmp v1,2c,3 protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
if (defined ($v3protocols)) { if (defined ($v3protocols)) {
if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}} if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
my @v3proto=split(/,/,$v3protocols); my @v3proto=split(/,/,$v3protocols);
if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0]; } # Auth protocol if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0]; } # Auth protocol
if (defined ($v3proto[1])) {$o_privproto=$v3proto[1]; } # Priv protocol if (defined ($v3proto[1])) {$o_privproto=$v3proto[1]; } # Priv protocol
if ((defined ($v3proto[1])) && (!defined($o_privpass))) { if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}} print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
} }
# Check firewall options # Check firewall options
if ( defined($o_conn)) { if ( defined($o_conn)) {
if ( ! defined($o_fw)) if ( ! defined($o_fw))
{ print "Cannot check connexions without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Cannot check connexions without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
my @warncrit=split(/,/ , $o_conn); my @warncrit=split(/,/ , $o_conn);
if ( $#warncrit != 1 ) if ( $#warncrit != 1 )
{ print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
($o_warn,$o_crit)=@warncrit; ($o_warn,$o_crit)=@warncrit;
if ( isnnum($o_warn) || isnnum($o_crit) ) if ( isnnum($o_warn) || isnnum($o_crit) )
{ print "Numeric values for warning and critical in -c options\n";print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Numeric values for warning and critical in -c options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
if ($o_warn >= $o_crit) if ($o_warn >= $o_crit)
{ print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}} { print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
}
if ( defined($o_connSR)) {
if ( ! defined($o_fw))
{ print "Cannot check connexionsSR without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
my @warncritSR=split(/,/ , $o_connSR);
if ( $#warncritSR != 1 )
{ print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
($o_warnSR,$o_critSR)=@warncritSR;
if ( isnnum($o_warnSR) || isnnum($o_critSR) )
{ print "Numeric values for warning and critical in -r options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
if ($o_warnSR >= $o_critSR)
{ print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
} }
if ( defined($o_policy)) { if ( defined($o_policy)) {
if (! defined($o_fw)) if (! defined($o_fw))
{ print "Cannot check policy name without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Cannot check policy name without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
if ($o_policy eq "") if ($o_policy eq "")
{ print "Put a policy name !\n"; print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Put a policy name !\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
} }
if (defined($o_perf) && ! defined ($o_conn)) if (defined($o_perf) && ! defined ($o_conn))
{ print "Nothing selected for perfparse !\n";print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Nothing selected for perfparse !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
if (!defined($o_fw) && !defined($o_ha) && !defined($o_mgmt) && !defined($o_svn)) if (!defined($o_fw) && !defined($o_ha) && !defined($o_mgmt) && !defined($o_svn))
{ print "Must select a product to check !\n";print_usage(); exit $ERRORS{"UNKNOWN"}} { print "Must select a product to check !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
if (defined ($o_ha) && ($o_ha ne "") && ($o_ha ne "standby")) if (defined ($o_ha) && ($o_ha ne "") && ($o_ha ne "standby"))
{ print "-a option comes with 'standby' or nothing !\n";print_usage(); exit $ERRORS{"UNKNOWN"}} { print "-a option comes with 'standby' or nothing !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
} }
########## MAIN ####### ########## MAIN #######
@ -259,49 +280,49 @@ if ( defined($o_login) && defined($o_passwd)) {
if (!defined ($o_privpass)) { if (!defined ($o_privpass)) {
verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto"); verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
($session, $error) = Net::SNMP->session( ($session, $error) = Net::SNMP->session(
-hostname => $o_host, -hostname => $o_host,
-version => '3', -version => '3',
-username => $o_login, -username => $o_login,
-port => $o_port, -port => $o_port,
-authpassword => $o_passwd, -authpassword => $o_passwd,
-authprotocol => $o_authproto, -authprotocol => $o_authproto,
-timeout => $o_timeout -timeout => $o_timeout
); );
} else { } else {
verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto"); verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
($session, $error) = Net::SNMP->session( ($session, $error) = Net::SNMP->session(
-hostname => $o_host, -hostname => $o_host,
-version => '3', -version => '3',
-username => $o_login, -username => $o_login,
-port => $o_port, -port => $o_port,
-authpassword => $o_passwd, -authpassword => $o_passwd,
-authprotocol => $o_authproto, -authprotocol => $o_authproto,
-privpassword => $o_privpass, -privpassword => $o_privpass,
-privprotocol => $o_privproto, -privprotocol => $o_privproto,
-timeout => $o_timeout -timeout => $o_timeout
); );
} }
} else { } else {
if (defined ($o_version2)) { if (defined ($o_version2)) {
# SNMPv2 Login # SNMPv2 Login
verb("SNMP v2c login"); verb("SNMP v2c login");
($session, $error) = Net::SNMP->session( ($session, $error) = Net::SNMP->session(
-hostname => $o_host, -hostname => $o_host,
-version => 2, -version => 2,
-community => $o_community, -community => $o_community,
-port => $o_port, -port => $o_port,
-timeout => $o_timeout -timeout => $o_timeout
); );
} else { } else {
# SNMPV1 login # SNMPV1 login
verb("SNMP v1 login"); verb("SNMP v1 login");
($session, $error) = Net::SNMP->session( ($session, $error) = Net::SNMP->session(
-hostname => $o_host, -hostname => $o_host,
-community => $o_community, -community => $o_community,
-port => $o_port, -port => $o_port,
-timeout => $o_timeout -timeout => $o_timeout
); );
} }
} }
if (!defined($session)) { if (!defined($session)) {
printf("ERROR opening session: %s.\n", $error); printf("ERROR opening session: %s.\n", $error);
@ -327,8 +348,8 @@ $resultat = $session->get_request(
foreach $key ( keys %svn_checks) { foreach $key ( keys %svn_checks) {
verb("$svn_checks_n{$key} : $svn_checks{$key} / $$resultat{$key}"); verb("$svn_checks_n{$key} : $svn_checks{$key} / $$resultat{$key}");
if ( $$resultat{$key} ne $svn_checks{$key} ) { if ( $$resultat{$key} ne $svn_checks{$key} ) {
$svn_print .= $svn_checks_n{$key} . ":" . $$resultat{$key} . " "; $svn_print .= $svn_checks_n{$key} . ":" . $$resultat{$key} . " ";
$svn_state=2; $svn_state=2;
} }
} }
} else { } else {
@ -380,6 +401,8 @@ if (defined ($o_mgmt)) {
my $fw_state=0; my $fw_state=0;
my $fw_print=""; my $fw_print="";
my $perf_conn=undef; my $perf_conn=undef;
my $perf_connSR=undef;
my $perf_connPeak=undef;
if (defined ($o_fw)) { if (defined ($o_fw)) {
@ -392,6 +415,8 @@ if (defined ($o_fw)) {
verb("State : $$resultat{$policy_state}"); verb("State : $$resultat{$policy_state}");
verb("Name : $$resultat{$policy_name}"); verb("Name : $$resultat{$policy_name}");
verb("connections : $$resultat{$connections}"); verb("connections : $$resultat{$connections}");
verb("connectionsSR : $$resultat{$connectionsSR}");
verb("connectionsPeak : $$resultat{$connectionsPeak}");
if ($$resultat{$policy_state} ne "Installed") { if ($$resultat{$policy_state} ne "Installed") {
$fw_state=2; $fw_state=2;
@ -401,22 +426,38 @@ if (defined ($o_fw)) {
if (defined($o_policy)) { if (defined($o_policy)) {
if ($$resultat{$policy_name} ne $o_policy) { if ($$resultat{$policy_name} ne $o_policy) {
$fw_state=2; $fw_state=2;
$fw_print .= "Policy installed : $$resultat{$policy_name}"; $fw_print .= "Policy installed : $$resultat{$policy_name}";
} }
} }
if (defined($o_conn)) { if (defined($o_conn)) {
if ($$resultat{$connections} > $o_crit) { if ($$resultat{$connections} > $o_crit) {
$fw_state=2; $fw_state=2;
$fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_crit." "; $fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_crit." ";
} else { } else {
if ($$resultat{$connections} > $o_warn) { if ($$resultat{$connections} > $o_warn) {
if ($fw_state!=2) {$fw_state=1;} if ($fw_state!=2) {$fw_state=1;}
$fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_warn." "; $fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_warn." ";
} }
} }
$perf_conn=$$resultat{$connections}; $perf_conn=$$resultat{$connections};
$perf_connSR=$$resultat{$connectionsSR};
$perf_connPeak=$$resultat{$connectionsPeak};
}
if (defined($o_connSR)) {
if ($$resultat{$connectionsSR} > $o_critSR) {
$fw_state=3;
$fw_print .= "Conn/seg : ".$$resultat{$connectionsSR}." > ".$o_critSR." ";
} else {
if ($$resultat{$connectionsSR} > $o_warnSR) {
if ($fw_state!=3) {$fw_state=1;}
$fw_print .= "Conn/seg : ".$$resultat{$connectionsSR}." > ".$o_warnSR." ";
}
}
$perf_conn=$$resultat{$connections};
$perf_connSR=$$resultat{$connectionsSR};
$perf_connPeak=$$resultat{$connectionsPeak};
} }
} else { } else {
$fw_print .= "cannot find oids"; $fw_print .= "cannot find oids";
@ -448,17 +489,17 @@ if (defined ($o_ha)) {
verb("$ha_checks_n{$key} : $ha_checks{$key} / $$resultat{$key}"); verb("$ha_checks_n{$key} : $ha_checks{$key} / $$resultat{$key}");
if ( $o_ha eq "standby" ) { if ( $o_ha eq "standby" ) {
if ( $$resultat{$key} ne $ha_checks_stand{$key} ) { if ( $$resultat{$key} ne $ha_checks_stand{$key} ) {
$ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " "; $ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " ";
$ha_state_n=2; $ha_state_n=2;
} }
} else { } else {
if ( $$resultat{$key} ne $ha_checks{$key} ) { if ( $$resultat{$key} ne $ha_checks{$key} ) {
$ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " "; $ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " ";
$ha_state_n=2; $ha_state_n=2;
} }
} }
} }
#my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only" : ha Working mode #my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only" : ha Working mode
} else { } else {
$ha_print .= "cannot find oids"; $ha_print .= "cannot find oids";
#Critical state if not found because it means soft is not activated #Critical state if not found because it means soft is not activated
@ -467,7 +508,7 @@ if (defined ($o_ha)) {
# get ha status table # get ha status table
$resultat = $session->get_table( $resultat = $session->get_table(
Baseoid => $ha_tables Baseoid => $ha_tables
); );
my %status; my %status;
my (@index,@oid) = (undef,undef); my (@index,@oid) = (undef,undef);
@ -477,10 +518,10 @@ if (defined ($o_ha)) {
if (defined($resultat)) { if (defined($resultat)) {
foreach $key ( keys %$resultat) { foreach $key ( keys %$resultat) {
if ( $key =~ /$index_search/) { if ( $key =~ /$index_search/) {
@oid=split (/\./,$key); @oid=split (/\./,$key);
pop(@oid); pop(@oid);
$index[$nindex]=pop(@oid); $index[$nindex]=pop(@oid);
$nindex++; $nindex++;
} }
} }
} else { } else {
@ -503,10 +544,10 @@ if (defined ($o_ha)) {
$key=$ha_tables . $ha_tables_state . "." . $index[$i] . ".0"; $key=$ha_tables . $ha_tables_state . "." . $index[$i] . ".0";
if (($status{$ha_soft_name} = $$resultat{$key}) ne "OK") { if (($status{$ha_soft_name} = $$resultat{$key}) ne "OK") {
$key=$ha_tables . $ha_tables_prbdesc . "." . $index[$i] . ".0"; $key=$ha_tables . $ha_tables_prbdesc . "." . $index[$i] . ".0";
$status{$ha_soft_name} = $$resultat{$key}; $status{$ha_soft_name} = $$resultat{$key};
$ha_print .= $ha_soft_name . ":" . $status{$ha_soft_name} . " "; $ha_print .= $ha_soft_name . ":" . $status{$ha_soft_name} . " ";
$ha_state_n=2 $ha_state_n=2
} }
verb ("$ha_soft_name : $status{$ha_soft_name}"); verb ("$ha_soft_name : $status{$ha_soft_name}");
} }
@ -548,6 +589,8 @@ if (($ha_state_n+$svn_state+$fw_state+$mgmt_state) == 0 ) {
if (defined($o_perf) && defined ($perf_conn)) { if (defined($o_perf) && defined ($perf_conn)) {
$f_print .= " | fw_connexions=" . $perf_conn; $f_print .= " | fw_connexions=" . $perf_conn;
$f_print .= " | fw_connexionsSR=" . $perf_connSR;
$f_print .= " | fw_connexionsPeak=" . $perf_connPeak;
} }
print "$f_print\n"; print "$f_print\n";

View File

@ -2,7 +2,7 @@
Summary: A Nagios plugin to check status of XROAD soft-token Summary: A Nagios plugin to check status of XROAD soft-token
Name: nagios-okplugin-check_xroad_token Name: nagios-okplugin-check_xroad_token
Version: 1.0.1 Version: 1.2
Release: 1%{?dist} Release: 1%{?dist}
License: GPLv2+ License: GPLv2+
Group: Applications/System Group: Applications/System
@ -45,5 +45,8 @@ rm -rf %{buildroot}
restorecon -v %{_libdir}/nagios/plugins/check_xroad_token.sh /etc/nrpe.d/check_xroad_token.cfg /etc/sudoers.d/check_xroad_token restorecon -v %{_libdir}/nagios/plugins/check_xroad_token.sh /etc/nrpe.d/check_xroad_token.cfg /etc/sudoers.d/check_xroad_token
%changelog %changelog
* Mon Sep 14 2020 Your Name <you@example.com> 1.2-1
- new package built with tito
* Fri Sep 11 2020 Gardar Thorsteinsson <gardart@gmail.com> 1.0.1-1 * Fri Sep 11 2020 Gardar Thorsteinsson <gardart@gmail.com> 1.0.1-1
- Initial packaging - Initial packaging

View File

@ -0,0 +1,9 @@
# Required steps to use this check
```shell
# On RHEL/Centos
sudo semanage permissive -a nrpe_t
sudo setsebool -P nagios_run_sudo 1
sudo yum install nagios-okplugin-check_xroad_token -y
sudo systemctl restart nrpe
```

View File

@ -0,0 +1 @@
1.2-1 check_xroad_token/

View File

@ -3,6 +3,7 @@
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-7-x86_64 builder.mock = epel-7-x86_64
srpm_disttag = .el7
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel7/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel7/x86_64/
# RHEL 7 Test # RHEL 7 Test
@ -10,6 +11,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel7/x86_64/
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-7-x86_64 builder.mock = epel-7-x86_64
srpm_disttag = .el7
builder.test = 1 builder.test = 1
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel7/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel7/x86_64/
@ -19,12 +21,14 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel7/x8
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-6-x86_64 builder.mock = epel-6-x86_64
srpm_disttag = .el6
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/x86_64/
[production-el6-i386] [production-el6-i386]
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-6-i386 builder.mock = epel-6-i386
srpm_disttag = .el6
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/i386/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/i386/
@ -34,6 +38,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/i386/
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-5-x86_64 builder.mock = epel-5-x86_64
srpm_disttag = .el5
createrepo_command = createrepo -s sha1 . createrepo_command = createrepo -s sha1 .
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/x86_64/
@ -42,6 +47,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/x86_64/
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-5-i386 builder.mock = epel-5-i386
srpm_disttag = .el5
createrepo_command = createrepo -s sha1 . createrepo_command = createrepo -s sha1 .
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/i386/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/i386/
@ -50,6 +56,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/i386/
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-6-x86_64 builder.mock = epel-6-x86_64
srpm_disttag = .el6
builder.test = 1 builder.test = 1
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/x86_64/
@ -58,6 +65,7 @@ releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-6-i386 builder.mock = epel-6-i386
builder.test = 1 builder.test = 1
srpm_disttag = .el6
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/i386/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/i386/
@ -66,6 +74,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/i3
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-5-x86_64 builder.mock = epel-5-x86_64
srpm_disttag = .el5
builder.test = 1 builder.test = 1
createrepo_command = createrepo -s sha1 . createrepo_command = createrepo -s sha1 .
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/x86_64/
@ -75,6 +84,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/x8
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = epel-5-i386 builder.mock = epel-5-i386
srpm_disttag = .el5
builder.test = 1 builder.test = 1
createrepo_command = createrepo -s sha1 . createrepo_command = createrepo -s sha1 .
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/i386/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/i386/
@ -86,6 +96,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/i3
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = fedora-20-x86_64 builder.mock = fedora-20-x86_64
srpm_disttag = .fc20
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/fedora20/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/fedora20/x86_64/
# Fedora FC20 # Fedora FC20
@ -93,6 +104,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/fedora20/x86_64/
releaser = tito.release.YumRepoReleaser releaser = tito.release.YumRepoReleaser
builder = tito.builder.MockBuilder builder = tito.builder.MockBuilder
builder.mock = fedora-20-x86_64 builder.mock = fedora-20-x86_64
srpm_disttag = .fc20
builder.test = 1 builder.test = 1
rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/fedora20/x86_64/ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/fedora20/x86_64/