2015-06-23 17:30:37 +02:00
|
|
|
#
|
2019-01-09 09:57:11 +01:00
|
|
|
# Copyright 2019 Centreon (http://www.centreon.com/)
|
2015-07-21 11:51:02 +02:00
|
|
|
#
|
|
|
|
|
# Centreon is a full-fledged industry-strength solution that meets
|
|
|
|
|
# the needs in IT infrastructure and application monitoring for
|
|
|
|
|
# service performance.
|
|
|
|
|
#
|
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
|
#
|
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
#
|
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
|
# limitations under the License.
|
|
|
|
|
#
|
2015-06-23 17:30:37 +02:00
|
|
|
|
2017-08-24 17:03:13 +02:00
|
|
|
package network::stormshield::snmp::mode::vpnstatus;
|
2015-06-23 17:30:37 +02:00
|
|
|
|
2019-04-18 15:50:32 +02:00
|
|
|
use base qw(centreon::plugins::templates::counter);
|
2015-06-23 17:30:37 +02:00
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
|
use warnings;
|
|
|
|
|
use Digest::MD5 qw(md5_hex);
|
|
|
|
|
|
|
|
|
|
sub custom_threshold_output {
|
|
|
|
|
my ($self, %options) = @_;
|
|
|
|
|
|
2019-04-18 15:50:32 +02:00
|
|
|
return $self->{instance_mode}->get_severity(section => 'vpn', value => $self->{result_values}->{ntqVPNState});
|
2015-06-23 17:30:37 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub custom_status_calc {
|
|
|
|
|
my ($self, %options) = @_;
|
|
|
|
|
|
|
|
|
|
$self->{result_values}->{ntqVPNState} = $options{new_datas}->{$self->{instance} . '_ntqVPNState'};
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-18 15:50:32 +02:00
|
|
|
sub set_counters {
|
|
|
|
|
my ($self, %options) = @_;
|
|
|
|
|
|
|
|
|
|
$self->{maps_counters_type} = [
|
|
|
|
|
{ name => 'vpn', type => 1, cb_prefix_output => 'prefix_vpn_output', message_multiple => 'All vpn are ok' }
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
$self->{maps_counters}->{vpn} = [
|
|
|
|
|
{ label => 'status', threshold => 0, set => {
|
|
|
|
|
key_values => [ { name => 'ntqVPNState' } ],
|
|
|
|
|
closure_custom_calc => $self->can('custom_status_calc'),
|
|
|
|
|
output_template => 'status: %s', output_error_template => 'Status : %s',
|
|
|
|
|
output_use => 'ntqVPNState',
|
|
|
|
|
closure_custom_perfdata => sub { return 0; },
|
|
|
|
|
closure_custom_threshold_check => $self->can('custom_threshold_output'),
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
{ label => 'traffic', nlabel => 'vpn.traffic.bitspersecond', set => {
|
|
|
|
|
key_values => [ { name => 'ntqVPNBytes', diff => 1 }, { name => 'num' } ],
|
|
|
|
|
per_second => 1, output_change_bytes => 2,
|
|
|
|
|
output_template => 'traffic: %s %s/s',
|
|
|
|
|
perfdatas => [
|
|
|
|
|
{ label => 'traffic', value => 'ntqVPNBytes_per_second', template => '%s',
|
|
|
|
|
unit => 'b/s', min => 0, label_extra_instance => 1, cast_int => 1, instance_use => 'num_absolute' },
|
|
|
|
|
],
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub prefix_vpn_output {
|
|
|
|
|
my ($self, %options) = @_;
|
|
|
|
|
|
|
|
|
|
return "VPN '$options{instance_value}->{num}/$options{instance_value}->{ntqVPNIPSrc}/$options{instance_value}->{ntqVPNIPDst}' ";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
my $thresholds = {
|
|
|
|
|
vpn => [
|
|
|
|
|
['larval', 'WARNING'],
|
|
|
|
|
['mature', 'OK'],
|
|
|
|
|
['dying', 'CRITICAL'],
|
|
|
|
|
['dead', 'CRITICAL'],
|
|
|
|
|
],
|
|
|
|
|
};
|
|
|
|
|
|
2015-06-23 17:30:37 +02:00
|
|
|
sub new {
|
|
|
|
|
my ($class, %options) = @_;
|
2019-04-18 15:50:32 +02:00
|
|
|
my $self = $class->SUPER::new(package => __PACKAGE__, %options, statefile => 1);
|
2015-06-23 17:30:37 +02:00
|
|
|
bless $self, $class;
|
|
|
|
|
|
|
|
|
|
$self->{version} = '1.0';
|
2019-04-18 15:50:32 +02:00
|
|
|
$options{options}->add_options(arguments => {
|
|
|
|
|
"filter-id:s" => { name => 'filter_id' },
|
|
|
|
|
"filter-src-ip:s" => { name => 'filter_src_ip' },
|
|
|
|
|
"filter-dst-ip:s" => { name => 'filter_dst_ip' },
|
|
|
|
|
"threshold-overload:s@" => { name => 'threshold_overload' },
|
|
|
|
|
});
|
|
|
|
|
|
2015-06-23 17:30:37 +02:00
|
|
|
return $self;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub check_options {
|
|
|
|
|
my ($self, %options) = @_;
|
2019-04-18 15:50:32 +02:00
|
|
|
$self->SUPER::check_options(%options);
|
|
|
|
|
|
2015-06-23 17:30:37 +02:00
|
|
|
$self->{overload_th} = {};
|
|
|
|
|
foreach my $val (@{$self->{option_results}->{threshold_overload}}) {
|
|
|
|
|
if ($val !~ /^(.*?),(.*?),(.*)$/) {
|
|
|
|
|
$self->{output}->add_option_msg(short_msg => "Wrong threshold-overload option '" . $val . "'.");
|
|
|
|
|
$self->{output}->option_exit();
|
|
|
|
|
}
|
|
|
|
|
my ($section, $status, $filter) = ($1, $2, $3);
|
|
|
|
|
if ($self->{output}->is_litteral_status(status => $status) == 0) {
|
|
|
|
|
$self->{output}->add_option_msg(short_msg => "Wrong threshold-overload status '" . $val . "'.");
|
|
|
|
|
$self->{output}->option_exit();
|
|
|
|
|
}
|
|
|
|
|
$self->{overload_th}->{$section} = [] if (!defined($self->{overload_th}->{$section}));
|
|
|
|
|
push @{$self->{overload_th}->{$section}}, {filter => $filter, status => $status};
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub get_severity {
|
|
|
|
|
my ($self, %options) = @_;
|
|
|
|
|
my $status = 'UNKNOWN'; # default
|
|
|
|
|
|
|
|
|
|
if (defined($self->{overload_th}->{$options{section}})) {
|
|
|
|
|
foreach (@{$self->{overload_th}->{$options{section}}}) {
|
|
|
|
|
if ($options{value} =~ /$_->{filter}/i) {
|
|
|
|
|
$status = $_->{status};
|
|
|
|
|
return $status;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
foreach (@{$thresholds->{$options{section}}}) {
|
|
|
|
|
if ($options{value} =~ /$$_[0]/i) {
|
|
|
|
|
$status = $$_[1];
|
|
|
|
|
return $status;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $status;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
my %map_state = (
|
|
|
|
|
0 => 'larval',
|
|
|
|
|
1 => 'mature',
|
|
|
|
|
2 => 'dying',
|
|
|
|
|
3 => 'dead',
|
|
|
|
|
);
|
|
|
|
|
my $mapping = {
|
|
|
|
|
ntqVPNIPSrc => { oid => '.1.3.6.1.4.1.11256.1.1.1.1.2' },
|
|
|
|
|
ntqVPNIPDst => { oid => '.1.3.6.1.4.1.11256.1.1.1.1.3' },
|
2015-06-25 17:26:33 +02:00
|
|
|
ntqVPNState => { oid => '.1.3.6.1.4.1.11256.1.1.1.1.11', map => \%map_state },
|
2015-06-23 17:30:37 +02:00
|
|
|
ntqVPNBytes => { oid => '.1.3.6.1.4.1.11256.1.1.1.1.13' },
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
sub manage_selection {
|
|
|
|
|
my ($self, %options) = @_;
|
|
|
|
|
|
2019-04-18 15:50:32 +02:00
|
|
|
my $snmp_result = $options{snmp}->get_multiple_table(
|
|
|
|
|
oids => [
|
|
|
|
|
{ oid => $mapping->{ntqVPNIPSrc}->{oid} },
|
|
|
|
|
{ oid => $mapping->{ntqVPNIPDst}->{oid} },
|
|
|
|
|
{ oid => $mapping->{ntqVPNState}->{oid} },
|
|
|
|
|
{ oid => $mapping->{ntqVPNBytes}->{oid} },
|
|
|
|
|
],
|
|
|
|
|
return_type => 1, nothing_quit => 1
|
|
|
|
|
);
|
|
|
|
|
|
2015-06-23 17:30:37 +02:00
|
|
|
$self->{vpn} = {};
|
2019-04-18 15:50:32 +02:00
|
|
|
foreach my $oid (keys %$snmp_result) {
|
|
|
|
|
next if ($oid !~ /^$mapping->{ntqVPNState}->{oid}\.(.*)$/);
|
2015-06-23 17:30:37 +02:00
|
|
|
my $instance = $1;
|
2019-04-18 15:50:32 +02:00
|
|
|
my $result = $options{snmp}->map_instance(mapping => $mapping, results => $snmp_result, instance => $instance);
|
|
|
|
|
|
2015-06-23 17:30:37 +02:00
|
|
|
if (defined($self->{option_results}->{filter_id}) && $self->{option_results}->{filter_id} ne '' &&
|
|
|
|
|
$instance !~ /$self->{option_results}->{filter_id}/) {
|
2019-04-18 15:50:32 +02:00
|
|
|
$self->{output}->output_add(long_msg => "skipping '" . $instance . "': no matching filter id.");
|
2015-06-23 17:30:37 +02:00
|
|
|
next;
|
|
|
|
|
}
|
|
|
|
|
if (defined($self->{option_results}->{filter_src_ip}) && $self->{option_results}->{filter_src_ip} ne '' &&
|
|
|
|
|
$result->{ntqVPNIPSrc} !~ /$self->{option_results}->{filter_src_ip}/) {
|
2019-04-18 15:50:32 +02:00
|
|
|
$self->{output}->output_add(long_msg => "skipping '" . $result->{ntqVPNIPSrc} . "': no matching filter src-ip.");
|
2015-06-23 17:30:37 +02:00
|
|
|
next;
|
|
|
|
|
}
|
|
|
|
|
if (defined($self->{option_results}->{filter_dst_ip}) && $self->{option_results}->{filter_dst_ip} ne '' &&
|
2019-04-18 15:50:32 +02:00
|
|
|
$result->{ntqVPNIPDst} !~ /$self->{option_results}->{filter_dst_ip}/) {
|
|
|
|
|
$self->{output}->output_add(long_msg => "skipping '" . $result->{ntqVPNIPDst} . "': no matching filter dst-ip.");
|
2015-06-23 17:30:37 +02:00
|
|
|
next;
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-18 15:50:32 +02:00
|
|
|
$self->{vpn}->{$instance} = { num => $instance, %$result };
|
2015-06-23 17:30:37 +02:00
|
|
|
$self->{vpn}->{$instance}->{ntqVPNBytes} *= 8 if (defined($self->{vpn}->{$instance}->{ntqVPNBytes}));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (scalar(keys %{$self->{vpn}}) <= 0) {
|
2019-04-18 15:50:32 +02:00
|
|
|
$self->{output}->add_option_msg(short_msg => "No vpn found.");
|
2015-06-23 17:30:37 +02:00
|
|
|
$self->{output}->option_exit();
|
|
|
|
|
}
|
2019-04-18 15:50:32 +02:00
|
|
|
|
|
|
|
|
$self->{cache_name} = "stormshield_" . $self->{mode} . '_' . $options{snmp}->get_hostname() . '_' . $options{snmp}->get_port() . '_' .
|
|
|
|
|
(defined($self->{option_results}->{filter_counters}) ? md5_hex($self->{option_results}->{filter_counters}) : md5_hex('all')) . '_' .
|
|
|
|
|
(defined($self->{option_results}->{filter_id}) ? md5_hex($self->{option_results}->{filter_id}) : md5_hex('all')) . '_' .
|
|
|
|
|
(defined($self->{option_results}->{filter_src_ip}) ? md5_hex($self->{option_results}->{filter_src_ip}) : md5_hex('all')) . '_' .
|
|
|
|
|
(defined($self->{option_results}->{filter_dst_ip}) ? md5_hex($self->{option_results}->{filter_dst_ip}) : md5_hex('all'));
|
2015-06-23 17:30:37 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
1;
|
|
|
|
|
|
|
|
|
|
__END__
|
|
|
|
|
|
|
|
|
|
=head1 MODE
|
|
|
|
|
|
|
|
|
|
Check VPN states.
|
|
|
|
|
|
|
|
|
|
=over 8
|
|
|
|
|
|
|
|
|
|
=item B<--warning-*>
|
|
|
|
|
|
|
|
|
|
Threshold warning.
|
|
|
|
|
Can be: 'traffic'.
|
|
|
|
|
|
|
|
|
|
=item B<--critical-*>
|
|
|
|
|
|
|
|
|
|
Threshold critical.
|
|
|
|
|
Can be: 'traffic'.
|
|
|
|
|
|
|
|
|
|
=item B<--filter-id>
|
|
|
|
|
|
|
|
|
|
Filter by id (regexp can be used).
|
|
|
|
|
|
|
|
|
|
=item B<--filter-src-ip>
|
|
|
|
|
|
|
|
|
|
Filter by src ip (regexp can be used).
|
|
|
|
|
|
|
|
|
|
=item B<--filter-dst-ip>
|
|
|
|
|
|
|
|
|
|
Filter by dst ip (regexp can be used).
|
|
|
|
|
|
|
|
|
|
=item B<--threshold-overload>
|
|
|
|
|
|
|
|
|
|
Set to overload default threshold values (syntax: section,status,regexp)
|
|
|
|
|
It used before default thresholds (order stays).
|
|
|
|
|
Example: --threshold-overload='vpn,CRITICAL,^(?!(mature)$)'
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
=cut
|
