diff options
| -rwxr-xr-x | plugins-scripts/check_ifoperstatus.pl | 212 |
1 files changed, 103 insertions, 109 deletions
diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl index 503f1e4..88782f5 100755 --- a/plugins-scripts/check_ifoperstatus.pl +++ b/plugins-scripts/check_ifoperstatus.pl | |||
| @@ -99,8 +99,8 @@ $status = process_arguments(); | |||
| 99 | use Data::Dumper; | 99 | use Data::Dumper; |
| 100 | # Just in case of problems, let's not hang Nagios | 100 | # Just in case of problems, let's not hang Nagios |
| 101 | $SIG{'ALRM'} = sub { | 101 | $SIG{'ALRM'} = sub { |
| 102 | print ("ERROR: No snmp response from $hostname (alarm)\n"); | 102 | print ("ERROR: No snmp response from $hostname (alarm)\n"); |
| 103 | exit $ERRORS{"UNKNOWN"}; | 103 | exit $ERRORS{"UNKNOWN"}; |
| 104 | }; | 104 | }; |
| 105 | 105 | ||
| 106 | alarm($timeout); | 106 | alarm($timeout); |
| @@ -121,7 +121,7 @@ if (!defined($session)) { | |||
| 121 | if (defined $ifdescr || defined $iftype) { | 121 | if (defined $ifdescr || defined $iftype) { |
| 122 | # escape "/" in ifdescr - very common in the Cisco world | 122 | # escape "/" in ifdescr - very common in the Cisco world |
| 123 | if (defined $iftype) { | 123 | if (defined $iftype) { |
| 124 | $status=fetch_ifindex($snmpIfType, $iftype); | 124 | $status=fetch_ifindex($snmpIfType, $iftype); |
| 125 | } else { | 125 | } else { |
| 126 | $ifdescr =~ s/\//\\\//g; | 126 | $ifdescr =~ s/\//\\\//g; |
| 127 | $status=fetch_ifindex($snmpIfDescr, $ifdescr); # if using on device with large number of interfaces | 127 | $status=fetch_ifindex($snmpIfDescr, $ifdescr); # if using on device with large number of interfaces |
| @@ -150,88 +150,86 @@ push(@snmpoids,$snmpIfDescr); | |||
| 150 | push(@snmpoids,$snmpIfName) if (defined $ifXTable) ; | 150 | push(@snmpoids,$snmpIfName) if (defined $ifXTable) ; |
| 151 | push(@snmpoids,$snmpIfAlias) if (defined $ifXTable) ; | 151 | push(@snmpoids,$snmpIfAlias) if (defined $ifXTable) ; |
| 152 | 152 | ||
| 153 | if (!defined($response = $session->get_request(@snmpoids))) { | 153 | if (!defined($response = $session->get_request(@snmpoids))) { |
| 154 | $answer=$session->error; | 154 | $answer=$session->error; |
| 155 | $session->close; | 155 | $session->close; |
| 156 | $state = 'WARNING'; | 156 | $state = 'WARNING'; |
| 157 | print ("$state: SNMP error: $answer\n"); | 157 | print ("$state: SNMP error: $answer\n"); |
| 158 | exit $ERRORS{$state}; | 158 | exit $ERRORS{$state}; |
| 159 | } | 159 | } |
| 160 | |||
| 161 | $answer = sprintf("host '%s', %s(%s) is %s\n", | ||
| 162 | $hostname, | ||
| 163 | $response->{$snmpIfDescr}, | ||
| 164 | $snmpkey, | ||
| 165 | $ifOperStatus{$response->{$snmpIfOperStatus}} | ||
| 166 | ); | ||
| 167 | |||
| 168 | |||
| 169 | ## Check to see if ifName match is requested and it matches - exit if no match | ||
| 170 | ## not the interface we want to monitor | ||
| 171 | if ( defined $ifName && not ($response->{$snmpIfName} eq $ifName) ) { | ||
| 172 | $state = 'UNKNOWN'; | ||
| 173 | $answer = "Interface name ($ifName) doesn't match snmp value ($response->{$snmpIfName}) (index $snmpkey)"; | ||
| 174 | print ("$state: $answer\n"); | ||
| 175 | exit $ERRORS{$state}; | ||
| 176 | } | ||
| 177 | |||
| 178 | ## define the interface name | ||
| 179 | if (defined $ifXTable) { | ||
| 180 | $name = $response->{$snmpIfName} ." - " .$response->{$snmpIfAlias} ; | ||
| 181 | }else{ | ||
| 182 | $name = $response->{$snmpIfDescr} ; | ||
| 183 | } | ||
| 184 | |||
| 185 | ## if AdminStatus is down - some one made a consious effort to change config | ||
| 186 | ## | ||
| 187 | if ( not ($response->{$snmpIfAdminStatus} == 1) ) { | ||
| 188 | $answer = "Interface $name (index $snmpkey) is administratively down."; | ||
| 189 | if ( not defined $adminWarn or $adminWarn eq "w" ) { | ||
| 190 | $state = 'WARNING'; | ||
| 191 | } elsif ( $adminWarn eq "i" ) { | ||
| 192 | $state = 'OK'; | ||
| 193 | } elsif ( $adminWarn eq "c" ) { | ||
| 194 | $state = 'CRITICAL'; | ||
| 195 | } else { # If wrong value for -a, say warning | ||
| 196 | $state = 'WARNING'; | ||
| 197 | } | ||
| 198 | } | ||
| 199 | ## Check operational status | ||
| 200 | elsif ( $response->{$snmpIfOperStatus} == 2 ) { | ||
| 201 | $state = 'CRITICAL'; | ||
| 202 | $answer = "Interface $name (index $snmpkey) is down."; | ||
| 203 | } elsif ( $response->{$snmpIfOperStatus} == 5 ) { | ||
| 204 | if (defined $dormantWarn ) { | ||
| 205 | if ($dormantWarn eq "w") { | ||
| 206 | $state = 'WARNING'; | ||
| 207 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 208 | }elsif($dormantWarn eq "c") { | ||
| 209 | $state = 'CRITICAL'; | ||
| 210 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 211 | }elsif($dormantWarn eq "i") { | ||
| 212 | $state = 'OK'; | ||
| 213 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 214 | } | ||
| 215 | }else{ | ||
| 216 | # dormant interface - but warning/critical/ignore not requested | ||
| 217 | $state = 'CRITICAL'; | ||
| 218 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 219 | } | ||
| 220 | } elsif ( $response->{$snmpIfOperStatus} == 6 ) { | ||
| 221 | $state = 'CRITICAL'; | ||
| 222 | $answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress."; | ||
| 223 | } elsif ( $response->{$snmpIfOperStatus} == 7 ) { | ||
| 224 | $state = 'CRITICAL'; | ||
| 225 | $answer = "Interface $name (index $snmpkey) down due to lower layer being down."; | ||
| 226 | 160 | ||
| 227 | } elsif ( $response->{$snmpIfOperStatus} == 3 || $response->{$snmpIfOperStatus} == 4 ) { | 161 | $answer = sprintf("host '%s', %s(%s) is %s\n", |
| 228 | $state = 'CRITICAL'; | 162 | $hostname, |
| 229 | $answer = "Interface $name (index $snmpkey) down (testing/unknown)."; | 163 | $response->{$snmpIfDescr}, |
| 164 | $snmpkey, | ||
| 165 | $ifOperStatus{$response->{$snmpIfOperStatus}} | ||
| 166 | ); | ||
| 167 | |||
| 168 | |||
| 169 | ## Check to see if ifName match is requested and it matches - exit if no match | ||
| 170 | ## not the interface we want to monitor | ||
| 171 | if ( defined $ifName && not ($response->{$snmpIfName} eq $ifName) ) { | ||
| 172 | $state = 'UNKNOWN'; | ||
| 173 | $answer = "Interface name ($ifName) doesn't match snmp value ($response->{$snmpIfName}) (index $snmpkey)"; | ||
| 174 | print ("$state: $answer\n"); | ||
| 175 | exit $ERRORS{$state}; | ||
| 176 | } | ||
| 177 | |||
| 178 | ## define the interface name | ||
| 179 | if (defined $ifXTable) { | ||
| 180 | $name = $response->{$snmpIfName} ." - " .$response->{$snmpIfAlias} ; | ||
| 181 | }else{ | ||
| 182 | $name = $response->{$snmpIfDescr} ; | ||
| 183 | } | ||
| 230 | 184 | ||
| 231 | } else { | 185 | ## if AdminStatus is down - some one made a consious effort to change config |
| 232 | $state = 'OK'; | 186 | ## |
| 233 | $answer = "Interface $name (index $snmpkey) is up."; | 187 | if ( not ($response->{$snmpIfAdminStatus} == 1) ) { |
| 234 | } | 188 | $answer = "Interface $name (index $snmpkey) is administratively down."; |
| 189 | if ( not defined $adminWarn or $adminWarn eq "w" ) { | ||
| 190 | $state = 'WARNING'; | ||
| 191 | } elsif ( $adminWarn eq "i" ) { | ||
| 192 | $state = 'OK'; | ||
| 193 | } elsif ( $adminWarn eq "c" ) { | ||
| 194 | $state = 'CRITICAL'; | ||
| 195 | } else { # If wrong value for -a, say warning | ||
| 196 | $state = 'WARNING'; | ||
| 197 | } | ||
| 198 | } | ||
| 199 | ## Check operational status | ||
| 200 | elsif ( $response->{$snmpIfOperStatus} == 2 ) { | ||
| 201 | $state = 'CRITICAL'; | ||
| 202 | $answer = "Interface $name (index $snmpkey) is down."; | ||
| 203 | } elsif ( $response->{$snmpIfOperStatus} == 5 ) { | ||
| 204 | if (defined $dormantWarn ) { | ||
| 205 | if ($dormantWarn eq "w") { | ||
| 206 | $state = 'WARNING'; | ||
| 207 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 208 | }elsif($dormantWarn eq "c") { | ||
| 209 | $state = 'CRITICAL'; | ||
| 210 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 211 | }elsif($dormantWarn eq "i") { | ||
| 212 | $state = 'OK'; | ||
| 213 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 214 | } | ||
| 215 | }else{ | ||
| 216 | # dormant interface - but warning/critical/ignore not requested | ||
| 217 | $state = 'CRITICAL'; | ||
| 218 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
| 219 | } | ||
| 220 | } elsif ( $response->{$snmpIfOperStatus} == 6 ) { | ||
| 221 | $state = 'CRITICAL'; | ||
| 222 | $answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress."; | ||
| 223 | } elsif ( $response->{$snmpIfOperStatus} == 7 ) { | ||
| 224 | $state = 'CRITICAL'; | ||
| 225 | $answer = "Interface $name (index $snmpkey) down due to lower layer being down."; | ||
| 226 | } elsif ( $response->{$snmpIfOperStatus} == 3 || $response->{$snmpIfOperStatus} == 4 ) { | ||
| 227 | $state = 'CRITICAL'; | ||
| 228 | $answer = "Interface $name (index $snmpkey) down (testing/unknown)."; | ||
| 229 | } else { | ||
| 230 | $state = 'OK'; | ||
| 231 | $answer = "Interface $name (index $snmpkey) is up."; | ||
| 232 | } | ||
| 235 | 233 | ||
| 236 | 234 | ||
| 237 | 235 | ||
| @@ -272,21 +270,21 @@ sub fetch_ifindex { | |||
| 272 | } | 270 | } |
| 273 | 271 | ||
| 274 | sub usage() { | 272 | sub usage() { |
| 275 | printf "\nMissing arguments!\n"; | 273 | printf "\nMissing arguments!\n"; |
| 276 | printf "\n"; | 274 | printf "\n"; |
| 277 | printf "usage: \n"; | 275 | printf "usage: \n"; |
| 278 | printf "check_ifoperstatus -k <IF_KEY> -H <HOSTNAME> [-C <community>]\n"; | 276 | printf "check_ifoperstatus -k <IF_KEY> -H <HOSTNAME> [-C <community>]\n"; |
| 279 | printf "Copyright (C) 2000 Christoph Kron\n"; | 277 | printf "Copyright (C) 2000 Christoph Kron\n"; |
| 280 | printf "check_ifoperstatus.pl comes with ABSOLUTELY NO WARRANTY\n"; | 278 | printf "check_ifoperstatus.pl comes with ABSOLUTELY NO WARRANTY\n"; |
| 281 | printf "This programm is licensed under the terms of the "; | 279 | printf "This programm is licensed under the terms of the "; |
| 282 | printf "GNU General Public License\n(check source code for details)\n"; | 280 | printf "GNU General Public License\n(check source code for details)\n"; |
| 283 | printf "\n\n"; | 281 | printf "\n\n"; |
| 284 | exit $ERRORS{"UNKNOWN"}; | 282 | exit $ERRORS{"UNKNOWN"}; |
| 285 | } | 283 | } |
| 286 | 284 | ||
| 287 | sub print_help() { | 285 | sub print_help() { |
| 288 | printf "check_ifoperstatus plugin for Nagios monitors operational \n"; | 286 | printf "check_ifoperstatus plugin for Nagios monitors operational \n"; |
| 289 | printf "status of a particular network interface on the target host\n"; | 287 | printf "status of a particular network interface on the target host\n"; |
| 290 | printf "\nUsage:\n"; | 288 | printf "\nUsage:\n"; |
| 291 | printf " -H (--hostname) Hostname to query - (required)\n"; | 289 | printf " -H (--hostname) Hostname to query - (required)\n"; |
| 292 | printf " -C (--community) SNMP read community (defaults to public,\n"; | 290 | printf " -C (--community) SNMP read community (defaults to public,\n"; |
| @@ -297,20 +295,20 @@ sub print_help() { | |||
| 297 | printf " if monitoring with -d\n"; | 295 | printf " if monitoring with -d\n"; |
| 298 | printf " -L (--seclevel) choice of \"noAuthNoPriv\", \"authNoPriv\", or \"authPriv\"\n"; | 296 | printf " -L (--seclevel) choice of \"noAuthNoPriv\", \"authNoPriv\", or \"authPriv\"\n"; |
| 299 | printf " -U (--secname) username for SNMPv3 context\n"; | 297 | printf " -U (--secname) username for SNMPv3 context\n"; |
| 300 | printf " -c (--context) SNMPv3 context name (default is empty string)"; | 298 | printf " -c (--context) SNMPv3 context name (default is empty string)\n"; |
| 301 | printf " -A (--authpass) authentication password (cleartext ascii or localized key\n"; | 299 | printf " -A (--authpass) authentication password (cleartext ascii or localized key\n"; |
| 302 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; | 300 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; |
| 303 | printf " auth password and authEngineID\n"; | 301 | printf " auth password and authEngineID\n"; |
| 304 | printf " -a (--authproto) Authentication protocol ( MD5 or SHA1)\n"; | 302 | printf " -a (--authproto) Authentication protocol (MD5 or SHA1)\n"; |
| 305 | printf " -X (--privpass) privacy password (cleartext ascii or localized key\n"; | 303 | printf " -X (--privpass) privacy password (cleartext ascii or localized key\n"; |
| 306 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; | 304 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; |
| 307 | printf " privacy password and authEngineID\n"; | 305 | printf " privacy password and authEngineID\n"; |
| 308 | printf " -x (--privproto) privacy protocol (DES or AES; default: DES)\n"; | 306 | printf " -x (--privproto) privacy protocol (DES or AES; default: DES)\n"; |
| 309 | printf " -k (--key) SNMP IfIndex value\n"; | 307 | printf " -k (--key) SNMP IfIndex value\n"; |
| 310 | printf " -d (--descr) SNMP ifDescr value\n"; | 308 | printf " -d (--descr) SNMP ifDescr value\n"; |
| 311 | printf " -T (--type) SNMP ifType integer value (see http://www.iana.org/assignments/ianaiftype-mib)\n"; | 309 | printf " -T (--type) SNMP ifType integer value (see http://www.iana.org/assignments/ianaiftype-mib)\n"; |
| 312 | printf " -p (--port) SNMP port (default 161)\n"; | 310 | printf " -p (--port) SNMP port (default 161)\n"; |
| 313 | printf " -I (--ifmib) Agent supports IFMIB ifXTable. Do not use if\n"; | 311 | printf " -I (--ifmib) Agent supports IFMIB ifXTable. Do not use if\n"; |
| 314 | printf " you don't know what this is. \n"; | 312 | printf " you don't know what this is. \n"; |
| 315 | printf " -n (--name) the value should match the returned ifName\n"; | 313 | printf " -n (--name) the value should match the returned ifName\n"; |
| 316 | printf " (Implies the use of -I)\n"; | 314 | printf " (Implies the use of -I)\n"; |
| @@ -357,12 +355,11 @@ sub process_arguments() { | |||
| 357 | ); | 355 | ); |
| 358 | 356 | ||
| 359 | 357 | ||
| 360 | |||
| 361 | if ($status == 0){ | 358 | if ($status == 0){ |
| 362 | print_help(); | 359 | print_help(); |
| 363 | exit $ERRORS{'OK'}; | 360 | exit $ERRORS{'OK'}; |
| 364 | } | 361 | } |
| 365 | 362 | ||
| 366 | if ($opt_V) { | 363 | if ($opt_V) { |
| 367 | print_revision($PROGNAME,'@NP_VERSION@'); | 364 | print_revision($PROGNAME,'@NP_VERSION@'); |
| 368 | exit $ERRORS{'OK'}; | 365 | exit $ERRORS{'OK'}; |
| @@ -378,14 +375,12 @@ sub process_arguments() { | |||
| 378 | exit $ERRORS{"UNKNOWN"}; | 375 | exit $ERRORS{"UNKNOWN"}; |
| 379 | } | 376 | } |
| 380 | 377 | ||
| 381 | |||
| 382 | unless ($snmpkey > 0 || defined $ifdescr || defined $iftype){ | 378 | unless ($snmpkey > 0 || defined $ifdescr || defined $iftype){ |
| 383 | printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n"; | 379 | printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n"; |
| 384 | usage(); | 380 | usage(); |
| 385 | exit $ERRORS{"UNKNOWN"}; | 381 | exit $ERRORS{"UNKNOWN"}; |
| 386 | } | 382 | } |
| 387 | 383 | ||
| 388 | |||
| 389 | if (defined $name) { | 384 | if (defined $name) { |
| 390 | $ifXTable=1; | 385 | $ifXTable=1; |
| 391 | } | 386 | } |
| @@ -401,7 +396,6 @@ sub process_arguments() { | |||
| 401 | $timeout = $TIMEOUT; | 396 | $timeout = $TIMEOUT; |
| 402 | } | 397 | } |
| 403 | 398 | ||
| 404 | |||
| 405 | if ($snmp_version !~ /[123]/){ | 399 | if ($snmp_version !~ /[123]/){ |
| 406 | $state='UNKNOWN'; | 400 | $state='UNKNOWN'; |
| 407 | print ("$state: No support for SNMP v$snmp_version yet\n"); | 401 | print ("$state: No support for SNMP v$snmp_version yet\n"); |
| @@ -409,9 +403,9 @@ sub process_arguments() { | |||
| 409 | } | 403 | } |
| 410 | 404 | ||
| 411 | %session_opts = ( | 405 | %session_opts = ( |
| 412 | -hostname => $hostname, | 406 | -hostname => $hostname, |
| 413 | -port => $port, | 407 | -port => $port, |
| 414 | -version => $snmp_version, | 408 | -version => $snmp_version, |
| 415 | -maxmsgsize => $maxmsgsize | 409 | -maxmsgsize => $maxmsgsize |
| 416 | ); | 410 | ); |
| 417 | 411 | ||
| @@ -420,7 +414,7 @@ sub process_arguments() { | |||
| 420 | if ($snmp_version =~ /3/ ) { | 414 | if ($snmp_version =~ /3/ ) { |
| 421 | # Must define a security level even though default is noAuthNoPriv | 415 | # Must define a security level even though default is noAuthNoPriv |
| 422 | # v3 requires a security username | 416 | # v3 requires a security username |
| 423 | if (defined $seclevel && defined $secname) { | 417 | if (defined $seclevel && defined $secname) { |
| 424 | $session_opts{'-username'} = $secname; | 418 | $session_opts{'-username'} = $secname; |
| 425 | 419 | ||
| 426 | # Must define a security level even though defualt is noAuthNoPriv | 420 | # Must define a security level even though defualt is noAuthNoPriv |
| @@ -450,7 +444,7 @@ sub process_arguments() { | |||
| 450 | } | 444 | } |
| 451 | 445 | ||
| 452 | # Privacy (DES encryption) wanted | 446 | # Privacy (DES encryption) wanted |
| 453 | if ($seclevel eq 'authPriv' ) { | 447 | if ($seclevel eq 'authPriv' ) { |
| 454 | if (! defined $privpass) { | 448 | if (! defined $privpass) { |
| 455 | usage(); | 449 | usage(); |
| 456 | exit $ERRORS{"UNKNOWN"}; | 450 | exit $ERRORS{"UNKNOWN"}; |