diff --git a/cloud/azure/custom/api.pm b/cloud/azure/custom/api.pm index 30a627223..6e56c0469 100644 --- a/cloud/azure/custom/api.pm +++ b/cloud/azure/custom/api.pm @@ -641,6 +641,26 @@ sub azure_get_log_analytics { return $response; } +sub azure_get_publicip_set_url { + my ($self, %options) = @_; + + my $url = $self->{management_endpoint} . "/subscriptions/" . $self->{subscription}; + $url .= "/resourceGroups/" . $options{resource_group} if (defined($options{resource_group}) && $options{resource_group} ne ''); + $url .= "/providers/Microsoft.Network/publicIPAddresses/" . $options{resource} if (defined($options{resource}) && $options{resource} ne ''); + $url .= "?api-version=" . $self->{api_version}; + + return $url; +} + +sub azure_get_publicip { + my ($self, %options) = @_; + + my $full_url = $self->azure_get_publicip_set_url(%options); + my $response = $self->request_api(method => 'GET', full_url => $full_url, hostname => ''); + + return $response; +} + 1; __END__ diff --git a/cloud/azure/custom/azcli.pm b/cloud/azure/custom/azcli.pm index 3dee04217..253137fe5 100644 --- a/cloud/azure/custom/azcli.pm +++ b/cloud/azure/custom/azcli.pm @@ -538,6 +538,23 @@ sub azure_get_log_analytics { return $self->execute(cmd_options => $cmd_options); } +sub azure_get_publicip_set_cmd { + my ($self, %options) = @_; + + return if (defined($self->{option_results}->{command_options}) && $self->{option_results}->{command_options} ne ''); + + my $cmd_options = "network public-ip show --resource-group '$options{resource_group}' --name '$options{resource}'"; + $cmd_options .= " --subscription '$self->{subscription}'" if (defined($self->{subscription}) && $self->{subscription} ne ''); + return $cmd_options; +} + +sub azure_get_publicip { + my ($self, %options) = @_; + + my $cmd_options = $self->azure_get_log_analytics_set_cmd(%options); + return $self->execute(cmd_options => $cmd_options); +} + 1; __END__ diff --git a/cloud/azure/custom/mode.pm b/cloud/azure/custom/mode.pm index 2e87adc3a..7c0b45489 100644 --- a/cloud/azure/custom/mode.pm +++ b/cloud/azure/custom/mode.pm @@ -85,13 +85,15 @@ sub custom_metric_perfdata { sub custom_metric_output { my ($self, %options) = @_; + my $network = defined($self->{instance_mode}->{metrics_mapping}->{$self->{result_values}->{metric}}->{network}) ? { network => '1' } : undef; + my ($value, $unit) = $self->{instance_mode}->{metrics_mapping}->{$self->{result_values}->{metric}}->{unit} eq 'B' ? - $self->{perfdata}->change_bytes(value => $self->{result_values}->{value}->{absolute}) : + $self->{perfdata}->change_bytes(value => $self->{result_values}->{value}->{absolute}, %{$network}) : ($self->{result_values}->{value}->{absolute}, $self->{instance_mode}->{metrics_mapping}->{$self->{result_values}->{metric}}->{unit}); if (defined($self->{instance_mode}->{option_results}->{per_second})) { ($value, $unit) = $self->{instance_mode}->{metrics_mapping}->{$self->{result_values}->{metric}}->{unit} eq 'B' ? - $self->{perfdata}->change_bytes(value => $self->{result_values}->{value}->{per_second}) : + $self->{perfdata}->change_bytes(value => $self->{result_values}->{value}->{per_second}, %{$network}) : ($self->{result_values}->{value}->{per_second}, $unit); $unit .= '/s'; } diff --git a/cloud/azure/network/firewall/mode/discovery.pm b/cloud/azure/network/firewall/mode/discovery.pm new file mode 100644 index 000000000..d0f238938 --- /dev/null +++ b/cloud/azure/network/firewall/mode/discovery.pm @@ -0,0 +1,60 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::firewall::mode::discovery; + +use base qw(cloud::azure::management::monitor::mode::discovery); + +use strict; +use warnings; + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + $self->{namespace} = 'Microsoft.Network'; + $self->{type} = 'azurefirewalls'; +} + +1; + +__END__ + +=head1 MODE + +Azure Firewall discovery. + +=over 8 + +=item B<--resource-group> + +Specify resource group. + +=item B<--location> + +Specify location. + +=item B<--prettify> + +Prettify JSON output. + +=back + +=cut diff --git a/cloud/azure/network/firewall/mode/health.pm b/cloud/azure/network/firewall/mode/health.pm new file mode 100644 index 000000000..1cfebd99c --- /dev/null +++ b/cloud/azure/network/firewall/mode/health.pm @@ -0,0 +1,141 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::firewall::mode::health; + +use base qw(cloud::azure::custom::mode); + +use strict; +use warnings; + +sub get_metrics_mapping { + my ($self, %options) = @_; + + my $metrics_mapping = { + 'firewallhealth' => { + 'output' => 'Firewall health state', + 'label' => 'firewall-health-percentage', + 'nlabel' => 'firewall.health.percentage', + 'unit' => '%', + 'min' => '0' + } + }; + + return $metrics_mapping; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'filter-metric:s' => { name => 'filter_metric' }, + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.Network\/azurefirewalls\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'azurefirewalls'; + $self->{az_resource_namespace} = 'Microsoft.Network'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Average']; + if (defined($self->{option_results}->{aggregation})) { + $self->{az_aggregations} = []; + foreach my $stat (@{$self->{option_results}->{aggregation}}) { + if ($stat ne '') { + push @{$self->{az_aggregations}}, ucfirst(lc($stat)); + } + } + } + + foreach my $metric (keys %{$self->{metrics_mapping}}) { + next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' + && $metric !~ /$self->{option_results}->{filter_metric}/); + + push @{$self->{az_metrics}}, $metric; + } +} + +1; + +__END__ + +=head1 MODE + +Check Azure Network Firewall health metrics. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::network::firewall::plugin --mode=health --custommode=api +--resource= --resource-group= --aggregation='average' +--warning-firewall-health='100:' --critical-firewall-health='50:' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::network::firewall::plugin --mode=health --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.Network/azurefirewalls/' +--aggregation='average' --warning-firewall-health='100:' --critical-firewall-health='50:' + +Default aggregation: 'average' / 'total', 'minimum' and 'maximum' are valid. + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<---warning-firewall-health-percentage> + +Warning threshold. + +=item B<--critical-firewall-health-percentage> + +Critical threshold. + +=back + +=cut diff --git a/cloud/azure/network/firewall/mode/hits.pm b/cloud/azure/network/firewall/mode/hits.pm new file mode 100644 index 000000000..334bd312e --- /dev/null +++ b/cloud/azure/network/firewall/mode/hits.pm @@ -0,0 +1,150 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::firewall::mode::hits; + +use base qw(cloud::azure::custom::mode); + +use strict; +use warnings; + +sub get_metrics_mapping { + my ($self, %options) = @_; + + my $metrics_mapping = { + 'applicationrulehit' => { + 'output' => 'Application rules hit count', + 'label' => 'application-rules-hits', + 'nlabel' => 'firewall.applications.rules.hits.count', + 'unit' => '', + 'min' => '0' + }, + 'networkrulehit' => { + 'output' => 'Network rules hit count', + 'label' => 'network-rules-hits', + 'nlabel' => 'firewall.newtork.rules.hits.count', + 'unit' => '', + 'min' => '0' + } + }; + + return $metrics_mapping; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'filter-metric:s' => { name => 'filter_metric' }, + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.Network\/azurefirewalls\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'azurefirewalls'; + $self->{az_resource_namespace} = 'Microsoft.Network'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Total']; + if (defined($self->{option_results}->{aggregation})) { + $self->{az_aggregations} = []; + foreach my $stat (@{$self->{option_results}->{aggregation}}) { + if ($stat ne '') { + push @{$self->{az_aggregations}}, ucfirst(lc($stat)); + } + } + } + + foreach my $metric (keys %{$self->{metrics_mapping}}) { + next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' + && $metric !~ /$self->{option_results}->{filter_metric}/); + + push @{$self->{az_metrics}}, $metric; + } +} + +1; + +__END__ + +=head1 MODE + +Check Azure Network Firewall hits metrics. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::network::firewall::plugin --mode=hits --custommode=api +--resource= --resource-group= --aggregation='total' +--warning-application-rules-hits='5000' --critical-application-rules-hits='10000' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::network::firewall::plugin --mode=hits --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.Network/azurefirewalls/' +--aggregation='total' --warning-application-rules-hits='5000' --critical-application-rules-hits='10000' + +Default aggregation: 'total' / 'average', 'minimum' and 'maximum' are valid. + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<---warning-*> + +Warning threshold where '*' can be: +'application-rules-hits', 'network-rules-hits'. + +=item B<--critical-*> + +Critical threshold where '*' can be: +'application-rules-hits', 'network-rules-hits'. + +=back + +=cut diff --git a/cloud/azure/network/firewall/mode/throughput.pm b/cloud/azure/network/firewall/mode/throughput.pm new file mode 100644 index 000000000..3c0800734 --- /dev/null +++ b/cloud/azure/network/firewall/mode/throughput.pm @@ -0,0 +1,150 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::firewall::mode::throughput; + +use base qw(cloud::azure::custom::mode); + +use strict; +use warnings; + +sub get_metrics_mapping { + my ($self, %options) = @_; + + my $metrics_mapping = { + 'dataprocessed' => { + 'output' => 'Data processed', + 'label' => 'processed-data', + 'nlabel' => 'firewall.data.processed.bytes', + 'unit' => 'B', + 'min' => '0' + }, + 'Throughput' => { + 'output' => 'Throughput', + 'label' => 'throughput', + 'nlabel' => 'firewall.throughput.bitspersecond', + 'unit' => 'b/s', + 'min' => '0' + } + }; + + return $metrics_mapping; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'filter-metric:s' => { name => 'filter_metric' }, + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.Network\/azurefirewalls\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'azurefirewalls'; + $self->{az_resource_namespace} = 'Microsoft.Network'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Average']; + if (defined($self->{option_results}->{aggregation})) { + $self->{az_aggregations} = []; + foreach my $stat (@{$self->{option_results}->{aggregation}}) { + if ($stat ne '') { + push @{$self->{az_aggregations}}, ucfirst(lc($stat)); + } + } + } + + foreach my $metric (keys %{$self->{metrics_mapping}}) { + next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' + && $metric !~ /$self->{option_results}->{filter_metric}/); + + push @{$self->{az_metrics}}, $metric; + } +} + +1; + +__END__ + +=head1 MODE + +Check Azure Network Firewall throughput metrics. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::network::firewall::plugin --mode=throughput --custommode=api +--resource= --resource-group= --aggregation='average' +--warning-throughput='50000' --critical-throughput='100000' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::network::firewall::plugin --mode=throughput --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.Network/azurefirewalls/' +--aggregation='average' --warning-throughput='50000' --critical-throughput='100000' + +Default aggregation: 'average' / 'total', 'minimum' and 'maximum' are valid. + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<---warning-*> + +Warning threshold where '*' can be: +'processed-data', 'throughput'. + +=item B<--critical-*> + +Critical threshold where '*' can be: +'processed-data', 'throughput'. + +=back + +=cut diff --git a/cloud/azure/network/firewall/plugin.pm b/cloud/azure/network/firewall/plugin.pm new file mode 100644 index 000000000..8eb0619e0 --- /dev/null +++ b/cloud/azure/network/firewall/plugin.pm @@ -0,0 +1,63 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::firewall::plugin; + +use strict; +use warnings; +use base qw(centreon::plugins::script_custom); + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new( package => __PACKAGE__, %options ); + bless $self, $class; + + $self->{version} = '0.1'; + $self->{modes} = { + 'discovery' => 'cloud::azure::network::firewall::mode::discovery', + 'health' => 'cloud::azure::network::firewall::mode::health', + 'hits' => 'cloud::azure::network::firewall::mode::hits', + 'throughput' => 'cloud::azure::network::firewall::mode::throughput' + }; + + $self->{custom_modes}->{azcli} = 'cloud::azure::custom::azcli'; + $self->{custom_modes}->{api} = 'cloud::azure::custom::api'; + return $self; +} + +sub init { + my ($self, %options) = @_; + + $self->{options}->add_options(arguments => { + 'api-version:s' => { name => 'api_version', default => '2018-01-01' }, + }); + + $self->SUPER::init(%options); +} + +1; + +__END__ + +=head1 PLUGIN DESCRIPTION + +Check Microsoft Azure Firewalls. + +=cut diff --git a/cloud/azure/network/publicip/mode/ddostraffic.pm b/cloud/azure/network/publicip/mode/ddostraffic.pm new file mode 100644 index 000000000..8ec4319c5 --- /dev/null +++ b/cloud/azure/network/publicip/mode/ddostraffic.pm @@ -0,0 +1,180 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::publicip::mode::ddostraffic; + +use base qw(cloud::azure::custom::mode); + +use strict; +use warnings; + +sub get_metrics_mapping { + my ($self, %options) = @_; + + my $metrics_mapping = { + 'bytesdroppedddos' => { + 'output' => 'Inbound bytes dropped DDoS', + 'label' => 'ddos-dropped', + 'nlabel' => 'publicip.ddos.dropped.bytes', + 'unit' => 'B', + 'min' => '0' + }, + 'bytesforwardedddos' => { + 'output' => 'Inbound bytes forwarded DDoS', + 'label' => 'ddos-forwarded', + 'nlabel' => 'publicip.ddos.forwarded.bytes', + 'unit' => 'B', + 'min' => '0' + }, + 'bytesinddos' => { + 'output' => 'Inbound bytes DDoS', + 'label' => 'ddos-inbound', + 'nlabel' => 'publicip.ddos.inbound.bytes', + 'unit' => 'B', + 'min' => '0' + }, + 'packetsdroppedddos' => { + 'output' => 'Inbound packets dropped DDoS', + 'label' => 'ddos-dropped-packets', + 'nlabel' => 'publicip.ddos.packets.countpersecond', + 'unit' => '/s', + 'min' => '0' + }, + 'packetsforwardedddos' => { + 'output' => 'Inbound packets forwarded DDoS', + 'label' => 'ddos-forwarded-packets', + 'nlabel' => 'publicip.ddos.forwarded.countpersecond', + 'unit' => '/s', + 'min' => '0' + }, + 'packetsinddos' => { + 'output' => 'Inbound packets DDoS', + 'label' => 'ddos-inbound-packets', + 'nlabel' => 'publicip.ddos.inbound.packets.countpersecond', + 'unit' => '/s', + 'min' => '0' + } + }; + + return $metrics_mapping; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'filter-metric:s' => { name => 'filter_metric' }, + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.Network\/publicIPAddresses\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'publicIPAddresses'; + $self->{az_resource_namespace} = 'Microsoft.Network'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Maximum']; + if (defined($self->{option_results}->{aggregation})) { + $self->{az_aggregations} = []; + foreach my $stat (@{$self->{option_results}->{aggregation}}) { + if ($stat ne '') { + push @{$self->{az_aggregations}}, ucfirst(lc($stat)); + } + } + } + + foreach my $metric (keys %{$self->{metrics_mapping}}) { + next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' + && $metric !~ /$self->{option_results}->{filter_metric}/); + + push @{$self->{az_metrics}}, $metric; + } +} + +1; + +__END__ + +=head1 MODE + +Check Azure Public IP DDOS traffic metrics. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::network::publicip::plugin --mode=ddos-traffic --custommode=api +--resource= --resource-group= --aggregation='maximum' +--warning-ddos-inbound-packets='1000' --critical-ddos-inbound-packets='2000' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::network::publicip::plugin --mode=ddos-traffic --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.Network/publicIPAddresses/' +--aggregation='maximum' --warning-ddos-inbound-packets='1000' --critical-ddos-inbound-packets='2000' + +Default aggregation: 'maximum' / 'average', 'total', 'minimum' and 'maximum' are valid. + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<---warning-*> + +Warning threshold where '*' can be: +'ddos-dropped', 'ddos-forwarded', 'ddos-inbound', 'ddos-dropped-packets', +'ddos-forwarded-packets', 'ddos-inbound-packets'. + +=item B<--critical-*> + +Critical threshold where '*' can be: +'ddos-dropped', 'ddos-forwarded', 'ddos-inbound', 'ddos-dropped-packets', +'ddos-forwarded-packets', 'ddos-inbound-packets'. + +=back + +=cut diff --git a/cloud/azure/network/publicip/mode/discovery.pm b/cloud/azure/network/publicip/mode/discovery.pm new file mode 100644 index 000000000..ecafdda05 --- /dev/null +++ b/cloud/azure/network/publicip/mode/discovery.pm @@ -0,0 +1,60 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::publicip::mode::discovery; + +use base qw(cloud::azure::management::monitor::mode::discovery); + +use strict; +use warnings; + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + $self->{namespace} = 'Microsoft.Network'; + $self->{type} = 'publicIPAddresses'; +} + +1; + +__END__ + +=head1 MODE + +Azure Public IP discovery. + +=over 8 + +=item B<--resource-group> + +Specify resource group. + +=item B<--location> + +Specify location. + +=item B<--prettify> + +Prettify JSON output. + +=back + +=cut diff --git a/cloud/azure/network/publicip/mode/status.pm b/cloud/azure/network/publicip/mode/status.pm new file mode 100644 index 000000000..e0e1275e9 --- /dev/null +++ b/cloud/azure/network/publicip/mode/status.pm @@ -0,0 +1,202 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::publicip::mode::status; + +use base qw(centreon::plugins::templates::counter); +use centreon::plugins::templates::catalog_functions qw(catalog_status_threshold_ng); + +use strict; +use warnings; + + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + $options{options}->add_help(package => __PACKAGE__, sections => 'CUSTOM MODE OPTIONS', once => 1); + + return $self; +} + + +sub prefix_status_output { + my ($self, %options) = @_; + + return sprintf("Public IP instance '%s', IP: %s (%s) ", $options{instance_value}->{display}, $options{instance_value}->{ipaddress}, $options{instance_value}->{ipversion}); +} + +sub custom_ddos_status_output { + my ($self, %options) = @_; + + return sprintf('current DDOS status: "%s"', $self->{result_values}->{status}); +} + +sub custom_provisioning_state_output { + my ($self, %options) = @_; + + return sprintf('current provisioning state: "%s"', $self->{result_values}->{state}); +} + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'global', type => 0, cb_prefix_output => 'prefix_status_output' } + ]; + + $self->{maps_counters}->{global} = [ + { label => 'ddos-status', type => 2, critical_default => '%{status} =~ /DDOS Attack ongoing/i', set => { + key_values => [ { name => 'status' } ], + closure_custom_output => $self->can('custom_ddos_status_output'), + closure_custom_perfdata => sub { return 0; }, + closure_custom_threshold_check => \&catalog_status_threshold_ng, + } + }, + { label => 'provisioning-state', type => 2, critical_default => '%{state} =~ /Failed/i', set => { + key_values => [ { name => 'state' } ], + closure_custom_output => $self->can('custom_provisioning_state_output'), + closure_custom_perfdata => sub { return 0; }, + closure_custom_threshold_check => \&catalog_status_threshold_ng, + } + } + ]; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.Network\/publicIPAddresses\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'publicIPAddresses'; + $self->{az_resource_namespace} = 'Microsoft.Network'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Maximum']; + +} + +sub manage_selection { + my ($self, %options) = @_; + + my %metric_results; + my $raw_results; + + my $publicip_properties = $options{custom}->azure_get_publicip(resource => $self->{az_resource}, resource_group => $self->{az_resource_group}); + $self->{global} = { + ipaddress => $publicip_properties->{properties}->{ipAddress}, + ipversion => $publicip_properties->{properties}->{publicIPAddressVersion}, + state => $publicip_properties->{properties}->{provisioningState} + }; + + ($metric_results{$self->{az_resource}}, $raw_results) = $options{custom}->azure_get_metrics( + aggregations => $self->{az_aggregations}, + interval => $self->{az_interval}, + metrics => ['IfUnderDDoSAttack'], + resource => $self->{az_resource}, + resource_group => $self->{az_resource_group}, + resource_namespace => $self->{az_resource_namespace}, + resource_type => $self->{az_resource_type}, + timeframe => $self->{az_timeframe} + ); + + $self->{global}->{display} = $self->{az_resource}; + $self->{global}->{numeric_status} = + defined($metric_results{$self->{az_resource}}->{IfUnderDDoSAttack}->{maximum}) ? + $metric_results{$self->{az_resource}}->{IfUnderDDoSAttack}->{maximum} : 0; + + + $self->{global}->{status} = $self->{global}->{numeric_status} > 0 ? 'DDOS Attack ongoing' : 'OK'; + +} + +1; + +__END__ + +=head1 MODE + +Check Azure Public IP status. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::network::publicip::plugin --mode=status --custommode=api +--resource= --resource-group= +--critical-provisioning-state='%{state} =~ /Failed/i' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::network::publicip::plugin --mode=status --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.Network/publicIPAddresses/' +--critical-provisioning-state='%{state} =~ /Failed/i' + +Default aggregation: 'maximum' / 'average', 'total', 'minimum' and 'maximum' are valid. + +=head1 CUSTOM MODE OPTIONS + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<--warning-ddos-status> + +Warning threshold for DDOS attack status (Default: ''). + +=item B<--critical-ddos-status> + +Critical threshold for DDOS attack status (Default: '%{status} =~ /DDOS Attack ongoing/i'). + +=item B<--warning-provisioning-state> + +Warning threshold for provisioning state (Default: ''). + +=item B<--critical-provisioning-state> + +Critical threshold for provisioning state (Default: '%{state} =~ /Failed/i'). + +=back + +=cut diff --git a/cloud/azure/network/publicip/plugin.pm b/cloud/azure/network/publicip/plugin.pm new file mode 100644 index 000000000..e23ff7284 --- /dev/null +++ b/cloud/azure/network/publicip/plugin.pm @@ -0,0 +1,62 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::network::publicip::plugin; + +use strict; +use warnings; +use base qw(centreon::plugins::script_custom); + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new( package => __PACKAGE__, %options ); + bless $self, $class; + + $self->{version} = '0.1'; + $self->{modes} = { + 'discovery' => 'cloud::azure::network::publicip::mode::discovery', + 'ddos-traffic' => 'cloud::azure::network::publicip::mode::ddostraffic', + 'status' => 'cloud::azure::network::publicip::mode::status' + }; + + $self->{custom_modes}->{azcli} = 'cloud::azure::custom::azcli'; + $self->{custom_modes}->{api} = 'cloud::azure::custom::api'; + return $self; +} + +sub init { + my ($self, %options) = @_; + + $self->{options}->add_options(arguments => { + 'api-version:s' => { name => 'api_version', default => '2018-01-01' }, + }); + + $self->SUPER::init(%options); +} + +1; + +__END__ + +=head1 PLUGIN DESCRIPTION + +Check Microsoft Azure Public IPs. + +=cut diff --git a/cloud/azure/security/keyvault/mode/discovery.pm b/cloud/azure/security/keyvault/mode/discovery.pm new file mode 100644 index 000000000..a11c169af --- /dev/null +++ b/cloud/azure/security/keyvault/mode/discovery.pm @@ -0,0 +1,60 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::security::keyvault::mode::discovery; + +use base qw(cloud::azure::management::monitor::mode::discovery); + +use strict; +use warnings; + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + $self->{namespace} = 'Microsoft.KeyVault'; + $self->{type} = 'vaults'; +} + +1; + +__END__ + +=head1 MODE + +Azure Security Key Vaults discovery. + +=over 8 + +=item B<--resource-group> + +Specify resource group. + +=item B<--location> + +Specify location. + +=item B<--prettify> + +Prettify JSON output. + +=back + +=cut diff --git a/cloud/azure/security/keyvault/mode/serviceapi.pm b/cloud/azure/security/keyvault/mode/serviceapi.pm new file mode 100644 index 000000000..9cdbc2f8b --- /dev/null +++ b/cloud/azure/security/keyvault/mode/serviceapi.pm @@ -0,0 +1,156 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::security::keyvault::mode::serviceapi; + +use base qw(cloud::azure::custom::mode); + +use strict; +use warnings; + +sub get_metrics_mapping { + my ($self, %options) = @_; + + my $metrics_mapping = { + 'serviceapihit' => { + 'output' => 'Total Service Api Hits', + 'label' => 'serviceapi-hits', + 'nlabel' => 'keyvault.serviceapi.hits.count', + 'unit' => '', + 'min' => '0' + }, + 'serviceapilatency' => { + 'output' => 'Overall Service Api Latency', + 'label' => 'serviceapi-latency', + 'nlabel' => 'keyvault.serviceapi.latency.milliseconds', + 'unit' => 'ms', + 'min' => '0' + }, + 'serviceapiresult' => { + 'output' => 'Total Service Api Results', + 'label' => 'serviceapi-results', + 'nlabel' => 'keyvault.serviceapi.results.count', + 'unit' => '', + 'min' => '0' + } + }; + + return $metrics_mapping; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'filter-metric:s' => { name => 'filter_metric' }, + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.KeyVault\/vaults\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'vaults'; + $self->{az_resource_namespace} = 'Microsoft.KeyVault'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Average']; + if (defined($self->{option_results}->{aggregation})) { + $self->{az_aggregations} = []; + foreach my $stat (@{$self->{option_results}->{aggregation}}) { + if ($stat ne '') { + push @{$self->{az_aggregations}}, ucfirst(lc($stat)); + } + } + } + + foreach my $metric (keys %{$self->{metrics_mapping}}) { + next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' + && $metric !~ /$self->{option_results}->{filter_metric}/); + push @{$self->{az_metrics}}, $metric; + } +} + +1; + +__END__ + +=head1 MODE + +Check Azure Security Key Vault serviceAPI statistics. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::security::keyvault::plugin --mode=service-api --custommode=api +--resource= --resource-group= --aggregation='average' +--warning-serviceapi-latency='20' --critical-serviceapi-latency='50' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::security::keyvault::plugin --mode=service-api --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.KeyVault/vaults/' +--aggregation='average' --warning-serviceapi-latency='20' --critical-serviceapi-latency='50' + +Default aggregation: 'average' / 'total', 'minimum' and 'maximum' are valid. + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<--warning-*> + +Warning threshold where '*' can be: +'serviceapihit', 'serviceapilatency', 'serviceapiresult'. + +=item B<--critical-vault-capacity-percentage> + +Critical threshold where '*' can be: +'serviceapihit', 'serviceapilatency', 'serviceapiresult'. + +=back + +=cut diff --git a/cloud/azure/security/keyvault/mode/vaultavailability.pm b/cloud/azure/security/keyvault/mode/vaultavailability.pm new file mode 100644 index 000000000..a63f19070 --- /dev/null +++ b/cloud/azure/security/keyvault/mode/vaultavailability.pm @@ -0,0 +1,141 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::security::keyvault::mode::vaultavailability; + +use base qw(cloud::azure::custom::mode); + +use strict; +use warnings; + +sub get_metrics_mapping { + my ($self, %options) = @_; + + my $metrics_mapping = { + 'availability' => { + 'output' => 'Overall Vault Availability', + 'label' => 'vault-availability-percentage', + 'nlabel' => 'keyvault.vault.availability.percentage', + 'unit' => '%', + 'min' => '0', + 'max' => '100' + } + }; + + return $metrics_mapping; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'filter-metric:s' => { name => 'filter_metric' }, + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.KeyVault\/vaults\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'vaults'; + $self->{az_resource_namespace} = 'Microsoft.KeyVault'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Average']; + if (defined($self->{option_results}->{aggregation})) { + $self->{az_aggregations} = []; + foreach my $stat (@{$self->{option_results}->{aggregation}}) { + if ($stat ne '') { + push @{$self->{az_aggregations}}, ucfirst(lc($stat)); + } + } + } + + foreach my $metric (keys %{$self->{metrics_mapping}}) { + next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' + && $metric !~ /$self->{option_results}->{filter_metric}/); + push @{$self->{az_metrics}}, $metric; + } +} + +1; + +__END__ + +=head1 MODE + +Check Azure Security Key Vault availability. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::security::keyvault::plugin --mode=vault-availability --custommode=api +--resource= --resource-group= --aggregation='average' +--warning-vault-availability-percentage='100:' --critical-vault-availability-percentage='50:' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::security::keyvault::plugin --mode=vault-availability --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.KeyVault/vaults/' +--aggregation='average' --warning-vault-availability-percentage='100:' --critical-vault-availability-percentage='50:' + +Default aggregation: 'average' / 'total', 'minimum' and 'maximum' are valid. + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<--warning-vault-availability-percentage> + +Warning threshold. + +=item B<--critical-vault-availability-percentage> + +Critical threshold. + +=back + +=cut diff --git a/cloud/azure/security/keyvault/mode/vaultcapacity.pm b/cloud/azure/security/keyvault/mode/vaultcapacity.pm new file mode 100644 index 000000000..abb5e1320 --- /dev/null +++ b/cloud/azure/security/keyvault/mode/vaultcapacity.pm @@ -0,0 +1,141 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::security::keyvault::mode::vaultcapacity; + +use base qw(cloud::azure::custom::mode); + +use strict; +use warnings; + +sub get_metrics_mapping { + my ($self, %options) = @_; + + my $metrics_mapping = { + 'saturationshoebox' => { + 'output' => 'Overall Vault Saturation', + 'label' => 'vault-saturation-percentage', + 'nlabel' => 'keyvault.vault.saturation.percentage', + 'unit' => '%', + 'min' => '0', + 'max' => '100' + } + }; + + return $metrics_mapping; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); + bless $self, $class; + + $options{options}->add_options(arguments => { + 'filter-metric:s' => { name => 'filter_metric' }, + 'resource:s' => { name => 'resource' }, + 'resource-group:s' => { name => 'resource_group' } + }); + + return $self; +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { + $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource with --resource-group option or --resource .'); + $self->{output}->option_exit(); + } + my $resource = $self->{option_results}->{resource}; + my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; + if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.KeyVault\/vaults\/(.*)$/) { + $resource_group = $1; + $resource = $2; + } + + $self->{az_resource} = $resource; + $self->{az_resource_group} = $resource_group; + $self->{az_resource_type} = 'vaults'; + $self->{az_resource_namespace} = 'Microsoft.KeyVault'; + $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; + $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; + $self->{az_aggregations} = ['Average']; + if (defined($self->{option_results}->{aggregation})) { + $self->{az_aggregations} = []; + foreach my $stat (@{$self->{option_results}->{aggregation}}) { + if ($stat ne '') { + push @{$self->{az_aggregations}}, ucfirst(lc($stat)); + } + } + } + + foreach my $metric (keys %{$self->{metrics_mapping}}) { + next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' + && $metric !~ /$self->{option_results}->{filter_metric}/); + push @{$self->{az_metrics}}, $metric; + } +} + +1; + +__END__ + +=head1 MODE + +Check Azure Security Key Vault capacity. + +Example: + +Using resource name : + +perl centreon_plugins.pl --plugin=cloud::azure::security::keyvault::plugin --mode=vault-capacity --custommode=api +--resource= --resource-group= --aggregation='average' +--warning-vault-saturation='80' --critical-vault-saturation='90' + +Using resource id : + +perl centreon_plugins.pl --plugin=cloud::azure::security::keyvault::plugin --mode=vault-capacity --custommode=api +--resource='/subscriptions//resourceGroups//providers/Microsoft.KeyVault/vaults/' +--aggregation='average' --warning-vault-saturation='80' --critical-vault-saturation='90' + +Default aggregation: 'average' / 'total', 'minimum' and 'maximum' are valid. + +=over 8 + +=item B<--resource> + +Set resource name or id (Required). + +=item B<--resource-group> + +Set resource group (Required if resource's name is used). + +=item B<--warning-vault-saturation-percentage> + +Warning threshold. + +=item B<--critical-vault-saturation-percentage> + +Critical threshold. + +=back + +=cut diff --git a/cloud/azure/security/keyvault/plugin.pm b/cloud/azure/security/keyvault/plugin.pm new file mode 100644 index 000000000..d638ad7e1 --- /dev/null +++ b/cloud/azure/security/keyvault/plugin.pm @@ -0,0 +1,63 @@ +# +# Copyright 2020 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package cloud::azure::security::keyvault::plugin; + +use strict; +use warnings; +use base qw(centreon::plugins::script_custom); + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new( package => __PACKAGE__, %options ); + bless $self, $class; + + $self->{version} = '0.1'; + $self->{modes} = { + 'discovery' => 'cloud::azure::security::keyvault::mode::discovery', + 'service-api' => 'cloud::azure::security::keyvault::mode::serviceapi', + 'vault-availability' => 'cloud::azure::security::keyvault::mode::vaultavailability', + 'vault-capacity' => 'cloud::azure::security::keyvault::mode::vaultcapacity' + }; + + $self->{custom_modes}->{azcli} = 'cloud::azure::custom::azcli'; + $self->{custom_modes}->{api} = 'cloud::azure::custom::api'; + return $self; +} + +sub init { + my ($self, %options) = @_; + + $self->{options}->add_options(arguments => { + 'api-version:s' => { name => 'api_version', default => '2018-01-01' }, + }); + + $self->SUPER::init(%options); +} + +1; + +__END__ + +=head1 PLUGIN DESCRIPTION + +Check Microsoft Azure Key Vaults. + +=cut