claudio/VSC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Issue

Browse Source 
Code backup
This commit is contained in:
Claudio
2026-05-10 16:59:01 +02:00
commit 368d6fafea
796 changed files with 315310 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Icinga2/Monitoring/011 - Fortigate/check_fortigate.sh
+341
View File
@@ -0,0 +1,341 @@
#!/bin/bash
# - VAR
# - Bash info
APPNAME=$(basename $0)
NAME="Check FireWall Fortinet"
AUTHOR="Kalarumeth"
VERSION="v0.1"
URL="https://github.com/Kalarumeth"
# - Default settings for connection
COMMUNITY="public"
HOST_NAME="localhost"
AP="authPriv"
AUTH="SHA-256"
PRIV="AES"
SNMPVERSION="3"
# - State Variables
STATE_OK=0
STATE_WARN=1
STATE_CRIT=2
STATE_UNK=3
STATE=$STATE_OK
# - OID
Fortinet.OIDS() {
#Info
OID_sysDescr="1.3.6.1.2.1.1.5"
OID_sysUptimeIstance="1.3.6.1.2.1.1.3"
#CPU
OID_fgProcessorUsage="1.3.6.1.4.1.12356.101.4.4.2.1.2" # Gauge32 '%'
#Memory
OID_fgProcModMemCapacity="1.3.6.1.4.1.12356.101.4.5.3.1.6" # Kb
OID_fgProcModMemUsage="1.3.6.1.4.1.12356.101.4.5.3.1.7"
#Sensors
OID_fgHwSensorEntIndex="1.3.6.1.4.1.12356.101.4.3.2.1.1"
OID_fgHwSensorEntName="1.3.6.1.4.1.12356.101.4.3.2.1.2"
OID_fgHwSensorEntValue="1.3.6.1.4.1.12356.101.4.3.2.1.3"
OID_fgHwSensorEntAlarmStatus="1.3.6.1.4.1.12356.101.4.3.2.1.4"
#HA
OID_fgHaStatsIndex="1.3.6.1.4.1.12356.101.13.2.1.1.1"
OID_fgHaStatsSerial="1.3.6.1.4.1.12356.101.13.2.1.1.2"
OID_fgHaStatsCpuUsage="1.3.6.1.4.1.12356.101.13.2.1.1.3"
OID_fgHaStatsMemUsage="1.3.6.1.4.1.12356.101.13.2.1.1.4"
OID_fgHaStatsNetUsage="1.3.6.1.4.1.12356.101.13.2.1.1.5"
OID_fgHaStatsSesCount="1.3.6.1.4.1.12356.101.13.2.1.1.6"
OID_fgHaStatsPktCount="1.3.6.1.4.1.12356.101.13.2.1.1.7"
OID_fgHaStatsByteCount="1.3.6.1.4.1.12356.101.13.2.1.1.8"
OID_fgHaStatsIdsCount="1.3.6.1.4.1.12356.101.13.2.1.1.9"
OID_fgHaStatsAvCount="1.3.6.1.4.1.12356.101.13.2.1.1.10"
OID_fgHaStatsHostname="1.3.6.1.4.1.12356.101.13.2.1.1.11"
OID_fgHaStatsSyncStatus="1.3.6.1.4.1.12356.101.13.2.1.1.12"
OID_fgHaStatsSyncDatimeSucc="1.3.6.1.4.1.12356.101.13.2.1.1.13"
OID_fgHaStatsSyncDatimeUnsucc="1.3.6.1.4.1.12356.101.13.2.1.1.14"
OID_fgHaStatsGlobalChecksum="1.3.6.1.4.1.12356.101.13.2.1.1.15"
OID_fgHaStatsMasterSerial="1.3.6.1.4.1.12356.101.13.2.1.1.16"
}
# - MAIN CODE
Script.HostAlive() {
for server in $HOST_NAME; do
ping -c1 -W1 -q $server &>/dev/null
if [[ $? != 0 ]] ; then
printf "%s\n" "$server is unreachable"
exit $STATE_UNK
fi
done
}
Script.SNMP() {
snmpwalk -v $SNMPVERSION -r 1 -t 10 -Oev -l $AP -u $USER -a $AUTH -A $PHAUTH -x $PRIV -X $PHPRIV $HOST_NAME $1
}
Script.SNMP.Hex() {
snmpwalk -v $SNMPVERSION -r 1 -t 10 -Oav -l $AP -u $USER -a $AUTH -A $PHAUTH -x $PRIV -X $PHPRIV $HOST_NAME $1
}
Fortinet.Main() {
Script.HostAlive
case $1 in
uptime)
Fortinet.UpTime
exit $STATE ;;
cpu)
Fortinet.CPU
exit $STATE ;;
memory)
Fortinet.Memory
exit $STATE ;;
sensors)
Fortinet.Sensors
exit $STATE ;;
ha)
Fortinet.HAStatus
exit $STATE ;;
*)
echo "Unknown check!"
Help.Fortinet
exit $STATE_UNK ;;
esac
}
Fortinet.GetData() {
Fortinet.OIDS
case $1 in
uptime)
sysUptimeIstance=$(Script.SNMP $OID_sysUptimeIstance | cut -d ')' -f 2 )
;;
cpu)
sysCpuPerc=($(Script.SNMP $OID_fgProcessorUsage | cut -d ' ' -f 2))
;;
memory)
ramUsage=$(Script.SNMP $OID_fgProcModMemUsage | cut -d ' ' -f 2)
;;
sensors)
sensIndex=($(Script.SNMP $OID_fgHwSensorEntIndex | cut -d ' ' -f 2))
sensName=($(Script.SNMP $OID_fgHwSensorEntName | tr ' ' '_' | cut -d '"' -f 2))
sensValue=($(Script.SNMP $OID_fgHwSensorEntValue | cut -d '"' -f 2))
sensStatus=($(Script.SNMP $OID_fgHwSensorEntAlarmStatus | cut -d ' ' -f 2))
;;
ha)
fgHaStatsIndex=($(Script.SNMP $OID_fgHaStatsIndex | cut -d ' ' -f 2))
fgHaStatsSerial=($(Script.SNMP $OID_fgHaStatsSerial | cut -d '"' -f 2))
fgHaStatsCpuUsage=($(Script.SNMP $OID_fgHaStatsCpuUsage | cut -d ' ' -f 2))
fgHaStatsMemUsage=($(Script.SNMP $OID_fgHaStatsMemUsage | cut -d ' ' -f 2))
fgHaStatsNetUsage=($(Script.SNMP $OID_fgHaStatsNetUsage | cut -d ' ' -f 2))
fgHaStatsSesCount=($(Script.SNMP $OID_fgHaStatsSesCount | cut -d ' ' -f 2))
fgHaStatsPktCount=($(Script.SNMP $OID_fgHaStatsPktCount | cut -d ' ' -f 2))
fgHaStatsByteCount=($(Script.SNMP $OID_fgHaStatsByteCount | cut -d ' ' -f 2))
fgHaStatsIdsCount=($(Script.SNMP $OID_fgHaStatsIdsCount | cut -d ' ' -f 2))
fgHaStatsAvCount=($(Script.SNMP $OID_fgHaStatsAvCount | cut -d ' ' -f 2))
fgHaStatsHostname=($(Script.SNMP $OID_fgHaStatsHostname | cut -d '"' -f 2))
fgHaStatsSyncStatus=($(Script.SNMP $OID_fgHaStatsSyncStatus | cut -d ' ' -f 2))
fgHaStatsGlobalChecksum=($(Script.SNMP $OID_fgHaStatsGlobalChecksum | cut -d '"' -f 2))
fgHaStatsMasterSerial=($(Script.SNMP $OID_fgHaStatsMasterSerial | cut -d '"' -f 2))
;;
esac
}
Fortinet.ErrorCounter() {
for Error in "$(( WarningCounter + CriticalCounter ))"; do
if [[ $WarningCounter == 0 ]] && [[ $CriticalCounter == 0 ]] ; then
printf "%s\t%s\n\n" "OK!" "All $1 are on range"
elif [[ $WarningCounter != 0 ]] && [[ $CriticalCounter == 0 ]] ; then
printf "%s\t%s\n\n" "WARNING!" "$Error $1 with problem"
STATE=$STATE_WARN
elif [[ $CriticalCounter != 0 ]] ; then
printf "%s\t%s\n\n" "CRITICAL!" "$Error $1 with problem"
STATE=$STATE_CRIT
fi
done
}
# Device Information
Fortinet.UpTime() {
Fortinet.GetData uptime
printf "%s\n" "$sysUptimeIstance"
}
# CPU
Fortinet.CPU() {
Fortinet.GetData cpu
Fortinet.CPU.Header
for((i=0; i<${#sysCpuPerc[@]}; i++))
do
printf "%s\t" "${i} CPU" "${sysCpuPerc[$i]}%"
printf "\n"
done
}
Fortinet.CPU.Header() {
WarningCounter=0
CriticalCounter=0
for((i=0; i<${#sysCpuPerc[@]}; i++)); do
if [[ ${sysCpuPerc[$i]} > 80 ]]; then
WarningCounter=$(( WarningCounter + 1 ))
elif [[ ${sysCpuPerc[$i]} > 90 ]]; then
CriticalCounter=$(( CriticalCounter + 1 ))
fi
done
Fortinet.ErrorCounter "CPU"
printf "%s\t%s\n%s\n" "Id CPU" "Percentage" "======================"
}
# Memory
Fortinet.Memory() {
Fortinet.GetData memory
case 1 in
$(($ramUsage <= 85-1)))
printf "%s\n" "OK! RAM used: $ramUsage%" && exit $STATE_OK ;;
$(($ramUsage <= 95-1)))
printf "%s\n" "WARRING! RAM used: $ramUsage%" && exit $STATE_WARN ;;
$(($ramUsage > 95-1)))
printf "%s\n" "CRITICAL! RAM used: $ramUsage%"&& exit $STATE_CRIT ;;
esac
}
# Sensors
Fortinet.Sensors() {
Fortinet.GetData sensors
Fortinet.Sensors.Header
for((i=0; i<${#sensName[@]}; i++)); do
Fortinet.Sensors.Status
Fortinet.Sensors.Value
Fortinet.Sensors.Name
printf "\n"
done
}
Fortinet.Sensors.Value() {
value=$(echo ${sensValue[$i]} | cut -d "." -f 1)
printf "%s\t" "${value}"
}
Fortinet.Sensors.Status() {
case ${sensStatus[$i]} in
0) printf "%s\t" "Ok" ;;
1) printf "%s\t" "Crit!" ;;
esac
}
Fortinet.Sensors.Name() {
name=$(echo ${sensName[$i]} | tr '_' ' ')
printf "%s\t" "${name}"
}
Fortinet.Sensors.Header() {
WarningCounter=0
CriticalCounter=0
for((i=0; i<${#sensStatus[@]}; i++)); do
if [[ ${sensStatus[$i]} != 0 ]]; then
CriticalCounter=$(( CriticalCounter + 1 ))
fi
done
Fortinet.ErrorCounter "Sensors"
printf "%s\t%s\t%s\n%s\n" "Status" "Value" "Name" "==============================="
}
# HA
Fortinet.HAStatus(){
Fortinet.GetData ha
Fortinet.HAStatus.Header
for((i=0; i<${#fgHaStatsIndex[@]}; i++)); do
printf "%s\t%s\n" "Index :" ${fgHaStatsIndex[$i]}
printf "%s\t%s\n" "HostName :" ${fgHaStatsHostname[$i]}
printf "%s\t%s\n" "Serial :" ${fgHaStatsSerial[$i]}
printf "%s\t%s\n" "CPUUsage :" "${fgHaStatsCpuUsage[$i]} %"
printf "%s\t%s\n" "RamUsage :" "${fgHaStatsMemUsage[$i]} %"
printf "%s\t%s\n" "NetUsage :" "${fgHaStatsNetUsage[$i]} kbs"
printf "%s\t%s\n" "Session :" ${fgHaStatsSesCount[$i]}
printf "%s\t%s\n" "PktCount :" ${fgHaStatsPktCount[$i]}
printf "%s\t%s\n" "ByteCount :" ${fgHaStatsByteCount[$i]}
printf "%s\t%s\n" "IdsCount :" ${fgHaStatsIdsCount[$i]}
printf "%s\t%s\n" "AvCount :" ${fgHaStatsAvCount[$i]}
Fortinet.HAStatus.SyncStatus
printf "%s\t%s\n" "GlobalChecksum :" ${fgHaStatsGlobalChecksum[$i]}
printf "%s\t%s\n" "MasterSerial :" ${fgHaStatsMasterSerial[$i]}
printf '\n'
done
}
Fortinet.HAStatus.Header(){
WarningCounter=0
CriticalCounter=0
for((i=0; i<${#fgHaStatsSyncStatus[@]}; i++)); do
if [[ ${fgHaStatsSyncStatus[$i]} == 0 ]]; then
CriticalCounter=$(( CriticalCounter + 1 ))
fi
done
Fortinet.ErrorCounter "HA value"
printf "%s\n" "=================================="
}
Fortinet.HAStatus.SyncStatus(){
case ${fgHaStatsSyncStatus[$i]} in
0) printf "%s\t%s\n" "SyncStatus :" "unsynchronized" ;;
1) printf "%s\t%s\n" "SyncStatus :" "synchronized" ;;
esac
}
# - COMMAND LINE ENCODER
while test -n "$1"; do
case "$1" in
--host | -h)
HOST_NAME=$2
shift ;;
--user | -u)
USER=$2
shift ;;
--phAuth | -pa)
PHAUTH=$2
shift ;;
--phPriv | -pp)
PHPRIV=$2
shift ;;
--type | -t)
Fortinet.Main $2
shift ;;
--help | -H)
Help.Main ;;
--version | -V)
Help.Info
exit $STATE ;;
*)
echo "Unknown argument: $1"
print_help
exit $STATE_UNK ;;
esac
shift
done
Fortinet.Main