claudio/VSC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
368d6fafea77b1090b7cb471d610f83bdc2050f9
VSC/Icinga2/_Test/Test File/check_watchguard.sh
T
claudio 368d6fafea Issue 
Code backup
2026-05-10 16:59:01 +02:00

413 lines
14 KiB
Bash
Raw Blame History

#########################################################
## GLOBAL VARIABLES ##
#########################################################
APPNAME=$(basename $0)
AUTHOR="Claudio Boggian"
VERSION="0.1"
# Default settings for connection
COMMUNITY='public'
HOST_NAME='172.16.254.240'
SNMPVERSION='2c'
# State Variables
STATE_OK=0
STATE_WARN=1
STATE_CRIT=2
STATE_UNK=3
# Default Outputs
STATE=$STATE_OK
STATE_STRING=""
PERFDATA=""
WARNING=65
CRITICAL=70
SEPARATOR="\n"
ARG_TOKEN=','
#########################################################
# Universal SNMP OIDS #
#########################################################
#wgSystemStatisticsMIB
OID_wgSystemTotalSendBytes="1.3.6.1.4.1.3097.6.3.8"
OID_wgSystemTotalRecvBytes="1.3.6.1.4.1.3097.6.3.9"
OID_wgSystemTotalSendPackets="1.3.6.1.4.1.3097.6.3.10"
OID_wgSystemTotalRecvPackets="1.3.6.1.4.1.3097.6.3.11"
OID_wgSystemCpuUtil1="1.3.6.1.4.1.3097.6.3.77"
OID_wgSystemCurrActiveConns="1.3.6.1.4.1.3097.6.3.80"
#wgIpsecStats
OID_wgIpsecTunnelNum="1.3.6.1.4.1.3097.6.5.1.1"
#wgInfoSystem
OID_wgInfoGavService="1.3.6.1.4.1.3097.6.1.3.0"
OID_wgInfoIpsService="1.3.6.1.4.1.3097.6.1.4.0"
#########################################################
# print_version #
#########################################################
print_version() {
echo "$APPNAME $VERSION"
echo "$AUTHOR"
echo ''
}
#########################################################
# print_usage #
#########################################################
print_usage(){
echo ''
echo 'Usage for SNMP v1/2c:'
echo " $APPNAME -H <host/IP> -t <type of check> [-C <SNMP community>] [-p <ports>] [-S <character>] [-w <warning value>] [-c <critical value>]"
echo ''
echo 'Usage for SNMP v3:'
echo " $APPNAME -H <host/IP> -t <check> -u <user> -x <protocol> -X <password> -a <protocol> -A <password> -l <security mode> [-p <ports>] [-S <character>]>"
echo ''
}
#########################################################
## print_help Function ##
#########################################################
# Prints out user help and gives examples of proper #
# plugin usage #
#########################################################
function print_help () {
print_version
echo 'Description:'
echo "$APPNAME is a Nagios plugin to check the status of various components of Dell PowerConnect switches."
echo ''
echo 'This plugin is not developped by the Nagios Plugin group.'
echo 'Please do not e-mail them for support on this plugin.'
echo ''
echo 'For contact info, please read the plugin script file.'
print_usage
echo "---------------------------------------------------------------------"
echo ''
echo 'OPTIONS:'
echo ' -H|--host'
echo ' Host name or IP address to check. Default is: localhost. REQUIRED OPTION'
echo ' -v|--snmpversion { 1 | 2c | 3 }'
echo " Specifies the SNMP version to use. Default is '2c'. REQUIRED OPTION"
echo ' -C|--community'
echo " SNMP v2 community string with Read access. Default is 'public'. REQUIRED OPTION"
echo ' -u|--user'
echo ' SNMP v3 username'
echo ' -l|--privlevel { noAuthNoPriv | authNoPriv | authPriv }'
echo ' SNMP v3 privilege level'
echo ' -x|--privprotocol { DES | AES }'
echo ' SNMP v3 privacy protocol'
echo ' -X|--privpassword'
echo ' SNMP v3 privacy password'
echo ' -a|--authprotocol { MD5 | SHA }'
echo ' SNMP v3 authentication protocol'
echo ' -A|--authpassword'
echo ' SNMP v3 authentication password'
echo ' -t|--type { Transfer | Cpu | ActiveConns | IpsecTunnelNum | InfoUpdate }'
echo ' The check you want to perform for the switch(es).'
echo ' REQUIRED OPTION.'
echo ' -p|--port <port(s)>'
echo " Specify port number, or list of ports (comma-separated) to be checked (only for the '-t port' option!)"
echo ' -S|--separator <text string>'
echo ' Assign a particular string as the separator for consumables.'
echo ' Default is " " to conform to Nagios plugin development guidelines'
echo ' -w|--warning'
echo ' Assign WARNING value, in degrees C, for temperature checks'
echo ' -c|--critical'
echo ' Assign CRITICAL value, in degrees C, for temperature checks'
echo ' -h|--help'
echo ' Show this help screen'
echo ' -V|--version'
echo ' Show the current version of the plugin'
echo ''
echo 'CHECK TYPES:'
echo ' assets:'
echo ' Returns serial number and service tag of unit. '
echo ''
echo ' description:'
echo ' Returns make and model of unit. Equivalent to checking sysDescr.'
echo ''
echo ' uptime:'
echo ' How long the unit has been powered on. Equivalent to checking sysUptime.'
echo ''
echo ' ports:'
echo ' Checks admin status of all ports. Reports number of ports UP and DOWN. Equivalent to checking ifOperStatus'
echo ''
echo ' port:'
echo ' Admin status of specified ports. Reports number of ports UP and DOWN. '
echo ' Ports to check can be specified as a range (x-y), as well as a comma-separated list (3,5,19).'
echo ''
echo ' health:'
echo " Global health status of the device(s). Will let you know something is wrong, but won't check what."
echo ''
echo ' temps:'
echo ' Ambient temperature of the device(s).'
echo ' WARNING and CRITICAL values are required! Default WARNING is 65 deg F and CRITICAL is 70 deg F.'
echo ''
echo ' fans:'
echo ' Fan status of the device(s).'
echo ''
echo ' psus:'
echo ' Power supply status of the device(s).'
echo ''
echo 'EXAMPLES:'
echo " $APPNAME -H hostname -C public -t port -p 42"
echo ' to check status of port 42'
echo " $APPNAME -H hostname -C public -t psus"
echo ' to check status of power supplies'
echo " $APPNAME -H hostname -C public -t temps -w 60 -c 70"
echo ' to check thermal temperatures'
echo ''
exit $STATE_UNK
}
#########################################################
## CheckPort function ##
#########################################################
# Check System Statistics Send/Recv
function CheckTransferData (){
TOTSENDB=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalSendBytes)
TOTSENDPKG=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalSendPackets)
TOTRECVB=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalRecvBytes)
TOTRECVPKG=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemTotalRecvPackets)
TSPO=$(echo "$TOTSENDPKG" | cut -d " " -f 4)
TSBO=$(echo "$TOTSENDB" | cut -d " " -f 4 | awk '{ byte =$1 /1024/1024/1024; print byte " GB" }')
TRPO=$(echo "$TOTRECVPKG" | cut -d " " -f 4)
TRBO=$(echo "$TOTRECVB" | cut -d " " -f 4 | awk '{ byte =$1 /1024/1024/1024; print byte " GB" }')
echo "WatchGuard Send:"
echo " $TSPO pkg"
echo " $TSBO"
echo ""
echo "WatchGuard Recive:"
echo " $TRPO pkg"
echo " $TRBO"
}
function CheckCpuUtil (){
CPUUTIL=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemCpuUtil1)
CPU_STATE=$(echo "$CPUUTIL" | cut -d " " -f 4)
CPU_PERC=$(echo "$CPU_STATE" | awk '{ byte =$1 /10; print byte " %" }')
case 1 in
$(($CPU_STATE>= 0))) echo "OK! CPU used: $CPU_PERC"
exit 0 ;;
$(($CPU_STATE>= 800))) echo "WARRING! CPU used: $CPU_PERC"
exit 1 ;;
$(($CPU_STATE>= 900))) echo "CRITICAL! CPU used: $CPU_PERC"
exit 2 ;;
*) echo "UNKNOWN! Cpu not found"
exit 3 ;;
esac
}
function CheckCurrActiveConns (){ # Max 3.300.000
CAC=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgSystemCurrActiveConns)
CACO=$(echo "$CAC" | cut -d " " -f 4)
case 1 in
$(($CACO>= 0))) echo "OK! Current Active Connections: $CACO"
exit 0 ;;
$(($CACO>= 2640000))) echo "WARRING! Current Active Connections: $CACO"
exit 1 ;;
$(($CACO>= 2970000))) echo "CRITICAL! Current Active Connections: $CACO"
exit 2 ;;
*) echo "UNKNOWN! Current Active Connections not found"
exit 3 ;;
esac
}
function CheckIpsecTunnelNum (){
IPSTN=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgIpsecTunnelNum)
IPSTNO=$(echo "$IPSTN" | cut -d " " -f 4)
echo "VPN active: $IPSTNO"
}
function CheckInfoGavService (){
INFOGAV=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgInfoGavService)
IGSV=$(echo "$INFOGAV" | cut -d "<" -f 2 | cut -d ">" -f 1)
IGSD=$(echo "$INFOGAV" | cut -d "(" -f 2 | cut -d ")" -f 1)
echo "Gateway Antivirus Service: $IGSV | $IGSD"
}
function CheckInfoIpsService (){
INFOIPS=$(snmpwalk -v $SNMPVERSION -c $COMMUNITY $HOST_NAME $OID_wgInfoIpsService)
IISV=$(echo "$INFOIPS" | cut -d "<" -f 2 | cut -d ">" -f 1)
IISD=$(echo "$INFOIPS" | cut -d "(" -f 2 | cut -d ")" -f 1)
echo "Intrusion Prevention Service: $IISV | $IISD"
}
#########################################################
# Subroutine: check_snmp_error #
#########################################################
check_snmp_error(){
if [[ $1 -ne 0 ]]; then
echo $2
exit $STATE_UNK
fi
}
#########################################################
## MAIN CODE ##
#########################################################
# Check that all required binaries for the script are available
# EXIT with an UNKNOWN status if not
binaries="snmpwalk snmpget cut tr sed grep awk wc"
for required_binary in $binaries
do
which $required_binary > /dev/null
if [ "$?" != '0' ];then
echo "UNKNOWN: $APPNAME: No usable '$required_binary' binary in '$PATH'"
exit $STATE_UNK
fi
done
# Check to see if any parameters were passed
if [[ $# -eq 0 ]]; then
print_usage
exit $STATE_UNK
fi
while test -n "$1"; do
case "$1" in
--host|-H)
HOST_NAME=$2
shift
;;
--comunity|-C)
COMMUNITY=$2
shift
;;
--snmpversion|-v)
SNMPVERSION=$2
shift
;;
--user|-u)
SNMPUSER=$2
shift
;;
--privelegelevel|-l)
PRIVILEGELEVEL=$2
shift
;;
--authprotocol|-a)
AUTHPROTOCOL=$2
shift
;;
--authpassword|-A)
AUTHPASSWORD=$2
shift
;;
--privacyprotocol|-x)
PRIVACYPROTOCOL=$2
shift
;;
--privacypassword|-X)
PRIVACYPASSWORD=$2
shift
;;
--type|-t)
CHECK_TYPE=$2
shift
;;
--port|-p)
PORT_LIST=$2
shift
;;
--separator|-S) # Assign separator
SEPARATOR="$2"
shift
;;
--warning|-w) # Assign WARNING threshold
WARNING=$2
shift
;;
--critical|-c) # Assign CRITICAL threshold
CRITICAL=$2
shift
;;
--help|-h)
print_help
;;
--version|-V)
print_version
exit $STATE
;;
*)
echo "Unknown argument: $1"
print_usage
exit $STATE_UNK
;;
esac
shift
done
# Make sure all necessary arguments were given; EXIT with an UNKNOWN status if not
if [ ! -z $CHECK_TYPE ]; then
# Determine the check to perform
case "$CHECK_TYPE" in
"Transfer")
CheckTransferData
;;
"Cpu")
CheckCpuUtil
STATE=$?
;;
"ActiveConns")
CheckCurrActiveConns
STATE=$?
;;
"IpsecTunnelNum")
CheckIpsecTunnelNum
;;
"InfoGav")
CheckInfoGavService
;;
"InfoIps")
CheckInfoIpsService
;;
esac
else
echo "Command incomplete!"
STATE=$STATE_UNK
fi
# If the program hasn't exited already, then a check was run okay and we can quit.
if [ "$PERFDATA" == "" ]; then
echo "$STATE_STRING"
else
echo "$STATE_STRING|$PERFDATA"
fi
exit $STATE
Reference in New Issue View Git Blame Copy Permalink