tyler.durden
/
centreon-plugins
mirror of https://github.com/centreon/centreon-plugins.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

enh(acmepacket/snmp): add modes codec/policy-servers/security (#2872)

This commit is contained in:
qgarnier 2021-06-15 13:28:32 +02:00 committed by GitHub
parent 8bd84222e3
commit 815380436e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 1018 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

173
network/acmepacket/snmp/mode/codec.pm Normal file
View File

@ -0,0 +1,173 @@
#
# Copyright 2021 Centreon (http://www.centreon.com/)
#
# Centreon is a full-fledged industry-strength solution that meets
# the needs in IT infrastructure and application monitoring for
# service performance.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
package network::acmepacket::snmp::mode::codec;
use base qw(centreon::plugins::templates::counter);
use strict;
use warnings;
sub custom_resources_output {
my ($self, %options) = @_;
return sprintf(
'resources usage total: %s used: %s (%.2f%%) free: %s (%.2f%%)',
$self->{result_values}->{total},
$self->{result_values}->{used}, $self->{result_values}->{prct_used},
$self->{result_values}->{free}, $self->{result_values}->{prct_free}
);
}
sub codec_long_output {
my ($self, %options) = @_;
return 'checking codec transcoding';
}
sub prefix_codec_output {
my ($self, %options) = @_;
return 'Codec transcoding ';
}
sub prefix_sessions_output {
my ($self, %options) = @_;
return 'sessions ';
}
sub set_counters {
my ($self, %options) = @_;
$self->{maps_counters_type} = [
{ name => 'codec', type => 3, cb_prefix_output => 'prefix_codec_output', cb_long_output => 'codec_long_output', indent_long_output => ' ', message_multiple => 'All server pools are ok',
group => [
{ name => 'sessions', type => 0, display_short => 0, cb_prefix_output => 'prefix_sessions_output' },
{ name => 'resources', type => 0, display_short => 0 }
]
}
];
$self->{maps_counters}->{sessions} = [
{ label => 'sessions-active', nlabel => 'transcoding.sessions.active.count', set => {
key_values => [ { name => 'sessions_active' } ],
output_template => 'running: %d',
perfdatas => [
{ template => '%d', min => 0 }
]
}
}
];
$self->{maps_counters}->{resources} = [
{ label => 'resources-usage', nlabel => 'transcoding.resources.usage.count', set => {
key_values => [ { name => 'used' }, { name => 'free' }, { name => 'prct_used' }, { name => 'prct_free' }, { name => 'total' } ],
closure_custom_output => $self->can('custom_resources_output'),
perfdatas => [
{ template => '%d', min => 0, max => 'total', cast_int => 1 }
]
}
},
{ label => 'resources-usage-free', nlabel => 'transcoding.resources.free.count', display_ok => 0, set => {
key_values => [ { name => 'free' }, { name => 'used' }, { name => 'prct_used' }, { name => 'prct_free' }, { name => 'total' } ],
closure_custom_output => $self->can('custom_resources_output'),
perfdatas => [
{ template => '%d', min => 0, max => 'total', cast_int => 1 }
]
}
},
{ label => 'resources-usage-prct', nlabel => 'transcoding.resources.usage.percentage', display_ok => 0, set => {
key_values => [ { name => 'prct_used' }, { name => 'used' }, { name => 'free' }, { name => 'prct_free' }, { name => 'total' } ],
closure_custom_output => $self->can('custom_resources_output'),
perfdatas => [
{ template => '%.2f', min => 0, max => 100, unit => '%' }
]
}
}
];
}
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1);
bless $self, $class;
$options{options}->add_options(arguments => {
});
return $self;
}
sub manage_selection {
my ($self, %options) = @_;
my $mapping = {
resources_total => { oid => '.1.3.6.1.4.1.9148.3.7.2.2.1' }, # apCodecTranscodingResourcesTotal
resources_used => { oid => '.1.3.6.1.4.1.9148.3.7.2.2.2' }, # apCodecTranscodingResourcesCurrent
sessions_active => { oid => '.1.3.6.1.4.1.9148.3.7.2.5.1' } # apCodecTranscodingLicensedTotalSessions
};
my $snmp_result = $options{snmp}->get_leef(
oids => [ map($_->{oid} . '.0', values(%$mapping)) ],
nothing_quit => 1
);
my $result = $options{snmp}->map_instance(mapping => $mapping, results => $snmp_result, instance => 0);
$self->{output}->output_add(short_msg => 'Codec transcoding is ok');
$self->{codec} = {
global => {
sessions => { sessions_active => $result->{sessions_active} },
resources => {
total => $result->{resources_total},
used => $result->{resources_used},
free => $result->{resources_total} - $result->{resources_used},
prct_used => $result->{resources_used} * 100 / $result->{resources_total},
prct_free => 100 - ($result->{resources_used} * 100 / $result->{resources_total})
}
}
};
}
1;
__END__
=head1 MODE
Check codec transcoding.
=over 8
=item B<--filter-counters>
Only display some counters (regexp can be used).
Example: --filter-counters='^memory-usage$'
=item B<--warning-*> B<--critical-*>
Thresholds.
Can be: 'sessions-active',
'resources-usage', 'resources-usage-free', 'resources-usage-prct'.
=back
=cut

110
network/acmepacket/snmp/mode/listpolicyservers.pm Normal file
View File

@ -0,0 +1,110 @@
#
# Copyright 2021 Centreon (http://www.centreon.com/)
#
# Centreon is a full-fledged industry-strength solution that meets
# the needs in IT infrastructure and application monitoring for
# service performance.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
package network::acmepacket::snmp::mode::listpolicyservers;
use base qw(centreon::plugins::mode);
use strict;
use warnings;
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
bless $self, $class;
$options{options}->add_options(arguments => {
});
return $self;
}
sub check_options {
my ($self, %options) = @_;
$self->SUPER::init(%options);
}
my $mapping = {
name => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.2' } # apDiamRxExtPolSvrName
};
sub manage_selection {
my ($self, %options) = @_;
my $snmp_result = $options{snmp}->get_table(
oid => $mapping->{name}->{oid},
nothing_quit => 1
);
my $results = {};
foreach (values %$snmp_result) {
$results->{$_} = { name => $_ };
}
return $results;
}
sub run {
my ($self, %options) = @_;
my $results = $self->manage_selection(snmp => $options{snmp});
foreach my $name (sort keys %$results) {
$self->{output}->output_add(long_msg =>
join('', map("[$_ = " . $results->{$name}->{$_} . ']', keys(%$mapping)))
);
}
$self->{output}->output_add(
severity => 'OK',
short_msg => 'List access point names:'
);
$self->{output}->display(nolabel => 1, force_ignore_perfdata => 1, force_long_output => 1);
$self->{output}->exit();
}
sub disco_format {
my ($self, %options) = @_;
$self->{output}->add_disco_format(elements => [keys %$mapping]);
}
sub disco_show {
my ($self, %options) = @_;
my $results = $self->manage_selection(snmp => $options{snmp});
foreach (sort keys %$results) {
$self->{output}->add_disco_entry(
%{$results->{$_}}
);
}
}
1;
__END__
=head1 MODE
List policy servers.
=over 8
=back
=cut

429
network/acmepacket/snmp/mode/policyservers.pm Normal file
View File

@ -0,0 +1,429 @@
#
# Copyright 2021 Centreon (http://www.centreon.com/)
#
# Centreon is a full-fledged industry-strength solution that meets
# the needs in IT infrastructure and application monitoring for
# service performance.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
package network::acmepacket::snmp::mode::policyservers;
use base qw(centreon::plugins::templates::counter);
use strict;
use warnings;
use Digest::MD5 qw(md5_hex);
sub prefix_ps_output {
my ($self, %options) = @_;
return sprintf(
"Policy server '%s' ",
$options{instance_value}->{name}
);
}
sub ps_long_output {
my ($self, %options) = @_;
return sprintf(
"checking policy server '%s'",
$options{instance_value}->{name}
);
}
sub prefix_ct_output {
my ($self, %options) = @_;
return 'client transactions ';
}
sub prefix_st_output {
my ($self, %options) = @_;
return 'server transactions ';
}
sub prefix_msg_aa_output {
my ($self, %options) = @_;
return 'authorization authentication messages ';
}
sub prefix_msg_st_output {
my ($self, %options) = @_;
return 'session termination messages ';
}
sub prefix_msg_as_output {
my ($self, %options) = @_;
return 'abort session messages ';
}
sub prefix_msg_ra_output {
my ($self, %options) = @_;
return 're-auth messages ';
}
sub set_counters {
my ($self, %options) = @_;
$self->{maps_counters_type} = [
{ name => 'global', type => 0 },
{ name => 'ps', type => 3, cb_prefix_output => 'prefix_ps_output', cb_long_output => 'ps_long_output', indent_long_output => ' ', message_multiple => 'All policy servers are ok',
group => [
{ name => 'ct', type => 0, cb_prefix_output => 'prefix_ct_output', skipped_code => { -10 => 1 } },
{ name => 'st', type => 0, cb_prefix_output => 'prefix_st_output', skipped_code => { -10 => 1 } },
{ name => 'msg_aa', type => 0, cb_prefix_output => 'prefix_msg_aa_output', skipped_code => { -10 => 1 } },
{ name => 'msg_st', type => 0, cb_prefix_output => 'prefix_msg_st_output', skipped_code => { -10 => 1 } },
{ name => 'msg_as', type => 0, cb_prefix_output => 'prefix_msg_as_output', skipped_code => { -10 => 1 } },
{ name => 'msg_ra', type => 0, cb_prefix_output => 'prefix_msg_ra_output', skipped_code => { -10 => 1 } }
]
}
];
$self->{maps_counters}->{global} = [
{ label => 'total', nlabel => 'policy_servers.total.count', display_ok => 0, set => {
key_values => [ { name => 'total' } ],
output_template => 'number of policy servers: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
}
];
$self->{maps_counters}->{ct} = [
{ label => 'client-transactions-total', nlabel => 'policy_server.client_transactions.total.count', set => {
key_values => [ { name => 'ct_total', diff => 1 } ],
output_template => 'total: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'client-transactions', nlabel => 'policy_server.client_transactions.errors.count', set => {
key_values => [ { name => 'ct_errors_recvd', diff => 1 } ],
output_template => 'errors: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
}
];
$self->{maps_counters}->{st} = [
{ label => 'server-transactions-total', nlabel => 'policy_server.server_transactions.total.count', set => {
key_values => [ { name => 'st_total', diff => 1 } ],
output_template => 'total: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'server-transactions-requests', nlabel => 'policy_server.server_transactions.requests.count', set => {
key_values => [ { name => 'st_req_recvd', diff => 1 } ],
output_template => 'requests: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'server-transactions-requests-dropped', nlabel => 'policy_server.server_transactions.requests.dropped.count', set => {
key_values => [ { name => 'st_req_dropped', diff => 1 } ],
output_template => 'requests dropped: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'server-transactions-responses-succeded', nlabel => 'policy_server.server_transactions.responses.succeeded.count', set => {
key_values => [ { name => 'st_success_resp_sent', diff => 1 } ],
output_template => 'responses succeeded: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'server-transactions-responses-errors', nlabel => 'policy_server.server_transactions.responses.errors.count', set => {
key_values => [ { name => 'st_errors_resp_sent', diff => 1 } ],
output_template => 'responses errors: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
}
];
$self->{maps_counters}->{msg_aa} = [
{ label => 'messages-aar', nlabel => 'policy_server.messages.authorization_authentication_request.count', set => {
key_values => [ { name => 'aar_sent', diff => 1 } ],
output_template => 'request: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-aaa-succeeded', nlabel => 'policy_server.messages.authorization_authentication_answer.succeeded.count', set => {
key_values => [ { name => 'aaa_success', diff => 1 } ],
output_template => 'answer succeeded: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-aaa-errors', nlabel => 'policy_server.messages.authorization_authentication_answer.errors.count', set => {
key_values => [ { name => 'aaa_errors', diff => 1 } ],
output_template => 'answer errors: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
}
];
$self->{maps_counters}->{msg_st} = [
{ label => 'messages-str', nlabel => 'policy_server.messages.session_termination_request.count', set => {
key_values => [ { name => 'str_sent', diff => 1 } ],
output_template => 'request: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-sta-succeeded', nlabel => 'policy_server.messages.session_termination_answer.succeeded.count', set => {
key_values => [ { name => 'sta_success', diff => 1 } ],
output_template => 'answer succeeded: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-sta-errors', nlabel => 'policy_server.messages.session_termination_answer.errors.count', set => {
key_values => [ { name => 'sta_errors', diff => 1 } ],
output_template => 'answer errors: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
}
];
$self->{maps_counters}->{msg_as} = [
{ label => 'messages-asr', nlabel => 'policy_server.messages.abort_session_request.count', set => {
key_values => [ { name => 'asr_sent', diff => 1 } ],
output_template => 'request: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-asa-succeeded', nlabel => 'policy_server.messages.abort_session_answer.succeeded.count', set => {
key_values => [ { name => 'asa_success', diff => 1 } ],
output_template => 'answer succeeded: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-asa-errors', nlabel => 'policy_server.messages.abort_session_answer.errors.count', set => {
key_values => [ { name => 'asa_errors', diff => 1 } ],
output_template => 'answer errors: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
}
];
$self->{maps_counters}->{msg_ra} = [
{ label => 'messages-rar', nlabel => 'policy_server.messages.re_auth_request.count', set => {
key_values => [ { name => 'rar_recvd', diff => 1 } ],
output_template => 'request: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-raa-succeeded', nlabel => 'policy_server.messages.re_auth_answer.succeeded.count', set => {
key_values => [ { name => 'raa_success', diff => 1 } ],
output_template => 'answer succeeded: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
},
{ label => 'messages-raa-errors', nlabel => 'policy_server.messages.re_auth_answer.errors.count', set => {
key_values => [ { name => 'raa_errors', diff => 1 } ],
output_template => 'answer errors: %s',
perfdatas => [
{ template => '%s', min => 0, label_extra_instance => 1 }
]
}
}
];
}
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options, statefile => 1, force_new_perfdata => 1);
bless $self, $class;
$options{options}->add_options(arguments => {
'filter-name:s' => { name => 'filter_name' }
});
return $self;
}
my $mapping = {
ct_total => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.5' }, # apDiamRxExtPolSvrClientTrans
ct_errors_recvd => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.13' }, # apDiamRxExtPolSvrCTErrorsRecvd
st_total => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.16' }, # apDiamRxExtPolSvrServerTransactions
st_req_recvd => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.17' }, # apDiamRxExtPolSvrSTReqRecvd
st_success_resp_sent => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.19' }, # apDiamRxExtPolSvrSTSuccessRespSent
st_errors_resp_sent => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.20' }, # apDiamRxExtPolSvrSTErrorRespSent
st_req_dropped => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.21' }, # apDiamRxExtPolSvrSTReqDropped
aar_sent => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.25' }, # apDiamRxExtPolSvrAARSent
aaa_success => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.26' }, # apDiamRxExtPolSvrAAASuccess
aaa_errors => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.27' }, # apDiamRxExtPolSvrAAAErrors
str_sent => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.28' }, # apDiamRxExtPolSvrSTRSent
sta_success => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.29' }, # apDiamRxExtPolSvrSTASuccess
sta_errors => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.30' }, # apDiamRxExtPolSvrSTAErrors
rar_recvd => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.31' }, # apDiamRxExtPolSvrRARRecvd
raa_success => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.32' }, # apDiamRxExtPolSvrRAARecvdSuccess
raa_errors => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.33' }, # apDiamRxExtPolSvrRAARecvdErrors
asr_sent => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.40' }, # apDiamRxExtPolSvrASRRecvd
asa_success => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.41' }, # apDiamRxExtPolSvrASARecvdSuccess
asa_errors => { oid => '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.42' } # apDiamRxExtPolSvrASARecvdErrors
};
my $oid_name = '.1.3.6.1.4.1.9148.3.13.1.1.2.3.1.2'; # apDiamRxExtPolSvrName
sub manage_selection {
my ($self, %options) = @_;
$self->{cache_name} = 'acmepacket_' . $self->{mode} . '_' . $options{snmp}->get_hostname() . '_' . $options{snmp}->get_port() . '_' .
(defined($self->{option_results}->{filter_counters}) ? md5_hex($self->{option_results}->{filter_counters}) : md5_hex('all')) . '_' .
(defined($self->{option_results}->{filter_name}) ? md5_hex($self->{option_results}->{filter_name}) : md5_hex('all'));
my $snmp_result = $options{snmp}->get_table(
oid => $oid_name,
nothing_quit => 1
);
$self->{ps} = {};
foreach (keys %$snmp_result) {
/^$oid_name\.(.*)$/;
my $instance = $1;
if (defined($self->{option_results}->{filter_name}) && $self->{option_results}->{filter_name} ne '' &&
$snmp_result->{$_} !~ /$self->{option_results}->{filter_name}/) {
$self->{output}->output_add(long_msg => "skipping '" . $snmp_result->{$_} . "': no matching filter.", debug => 1);
next;
}
$self->{ps}->{ $snmp_result->{$_} } = {
name => $snmp_result->{$_},
instance => $instance
};
}
$self->{global} = { total => scalar(keys %{$self->{ps}}) };
return if (scalar(keys %{$self->{ps}}) <= 0);
$options{snmp}->load(
oids => [
map($_->{oid}, values(%$mapping))
],
instances => [map($_->{instance}, values(%{$self->{ps}}))],
instance_regexp => '^(.*)$'
);
$snmp_result = $options{snmp}->get_leef(nothing_quit => 1);
foreach (keys %{$self->{ps}}) {
my $result = $options{snmp}->map_instance(mapping => $mapping, results => $snmp_result, instance => $self->{ps}->{$_}->{instance});
$self->{ps}->{$_}->{ct} = {
ct_total => $result->{ct_total},
ct_errors_recvd => $result->{ct_errors_recvd}
};
$self->{ps}->{$_}->{st} = {
st_total => $result->{st_total},
st_req_recvd => $result->{st_req_recvd},
st_req_dropped => $result->{st_req_dropped},
st_success_resp_sent => $result->{st_success_resp_sent},
st_errors_resp_sent => $result->{st_errors_resp_sent}
};
$self->{ps}->{$_}->{msg_aa} = {
aar_sent => $result->{aar_sent},
aaa_success => $result->{aaa_success},
aaa_errors => $result->{aaa_errors}
};
$self->{ps}->{$_}->{msg_st} = {
str_sent => $result->{str_sent},
sta_success => $result->{sta_success},
sta_errors => $result->{sta_errors}
};
$self->{ps}->{$_}->{msg_ra} = {
rar_recvd => $result->{rar_recvd},
raa_success => $result->{raa_success},
raa_errors => $result->{raa_errors}
};
$self->{ps}->{$_}->{msg_as} = {
asr_sent => $result->{asr_sent},
asa_success => $result->{asa_success},
asa_errors => $result->{asa_errors}
};
}
}
1;
__END__
=head1 MODE
Check external policy servers statitics.
=over 8
=item B<--filter-counters>
Only display some counters (regexp can be used).
Example: --filter-counters='total'
=item B<--filter-name>
Filter policy servers by name (can be a regexp).
=item B<--warning-*> B<--critical-*>
Thresholds.
Can be:
'total',
'client-transactions-total', 'client-transactions',
'server-transactions-total', 'server-transactions-requests', 'server-transactions-requests-dropped', 'server-transactions-responses-succeded', 'server-transactions-responses-errors',
'messages-aar', 'messages-aaa-succeeded', 'messages-aaa-errors',
'messages-rar', 'messages-raa-succeeded', 'messages-raa-errors',
'messages-str', 'messages-sta-succeeded', 'messages-sta-errors',
'messages-asr', 'messages-asa-succeeded', 'messages-asa-errors'.
=back
=cut

294
network/acmepacket/snmp/mode/security.pm Normal file
View File

@ -0,0 +1,294 @@
#
# Copyright 2021 Centreon (http://www.centreon.com/)
#
# Centreon is a full-fledged industry-strength solution that meets
# the needs in IT infrastructure and application monitoring for
# service performance.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
package network::acmepacket::snmp::mode::security;
use base qw(centreon::plugins::templates::counter);
use strict;
use warnings;
use Digest::MD5 qw(md5_hex);
sub ipsec_long_output {
my ($self, %options) = @_;
return 'checking ipsec';
}
sub ims_long_output {
my ($self, %options) = @_;
return 'checking ims-aka';
}
sub prefix_ipsec_output {
my ($self, %options) = @_;
return 'ipsec ';
}
sub prefix_ims_output {
my ($self, %options) = @_;
return 'ims-aka ';
}
sub prefix_ims_sa_add_output {
my ($self, %options) = @_;
return 'security association add ';
}
sub prefix_ims_sa_del_output {
my ($self, %options) = @_;
return 'security association del ';
}
sub prefix_ims_sa_reg_output {
my ($self, %options) = @_;
return 'registrations ';
}
sub set_counters {
my ($self, %options) = @_;
$self->{maps_counters_type} = [
{ name => 'ipsec', type => 3, cb_prefix_output => 'prefix_ipsec_output', cb_long_output => 'ipsec_long_output', indent_long_output => ' ',
group => [
{ name => 'ipsec_global', type => 0, display_short => 0, skipped_code => { -10 => 1 } }
]
},
{ name => 'ims', type => 3, cb_prefix_output => 'prefix_ims_output', cb_long_output => 'ims_long_output', indent_long_output => ' ',
group => [
{ name => 'aka_sa_reg', type => 0, display_short => 0, cb_prefix_output => 'prefix_ims_sa_reg_output', skipped_code => { -10 => 1 } },
{ name => 'aka_sa_add', type => 0, display_short => 0, cb_prefix_output => 'prefix_ims_sa_add_output', skipped_code => { -10 => 1 } },
{ name => 'aka_sa_del', type => 0, display_short => 0, cb_prefix_output => 'prefix_ims_sa_del_output', skipped_code => { -10 => 1 } }
]
}
];
$self->{maps_counters}->{ipsec_global} = [
{ label => 'ipsec-tunnels', nlabel => 'security.ipsec.tunnels.count', set => {
key_values => [ { name => 'ipsec_tun_count' } ],
output_template => 'number of tunnels: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'ipsec-license-usage', nlabel => 'security.ipsec.license.usage.percentage', set => {
key_values => [ { name => 'ipsec_tun_used' } ],
output_template => 'license used: %s %%',
perfdatas => [
{ template => '%s', min => 0, max => 100, unit => '%' }
]
}
}
];
$self->{maps_counters}->{aka_sa_reg} = [
{ label => 'registrations-total', nlabel => 'security.ims_aka.registrations.total.count', set => {
key_values => [ { name => 'imsaka_sa_regs_total', diff => 1 } ],
output_template => 'total: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'registrations-protected', nlabel => 'security.ims_aka.registrations.protected.count', set => {
key_values => [ { name => 'imsaka_sa_regs_protected', diff => 1 } ],
output_template => 'protected: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
}
];
$self->{maps_counters}->{aka_sa_add} = [
{ label => 'imsaka-sa-add-requests-in', nlabel => 'security.ims_aka.security_association_add.requests.in.count', set => {
key_values => [ { name => 'imsaka_sa_add_req_in', diff => 1 } ],
output_template => 'requests in: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'imsaka-sa-add-responses-succeeded', nlabel => 'security.ims_aka.security_association_add.responses.out.succeded.count', set => {
key_values => [ { name => 'imsaka_sa_add_success_resp_out', diff => 1 } ],
output_template => 'responses out succeeded: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'imsaka-sa-add-responses-failed', nlabel => 'security.ims_aka.security_association_add.responses.out.failed.count', set => {
key_values => [ { name => 'imsaka_sa_add_fail_resp_out', diff => 1 } ],
output_template => 'responses out failed: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'imsaka-sa-add-added', nlabel => 'security.ims_aka.security_association_add.added.count', set => {
key_values => [ { name => 'imsaka_sa_add_created', diff => 1 } ],
output_template => 'added: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
}
];
$self->{maps_counters}->{aka_sa_del} = [
{ label => 'imsaka-sa-del-requests-in', nlabel => 'security.ims_aka.security_association_del.requests.in.count', set => {
key_values => [ { name => 'imsaka_sa_del_req_in', diff => 1 } ],
output_template => 'requests in: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'imsaka-sa-del-responses-succeeded', nlabel => 'security.ims_aka.security_association_del.responses.out.succeded.count', set => {
key_values => [ { name => 'imsaka_sa_del_success_resp_out', diff => 1 } ],
output_template => 'responses out succeeded: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'imsaka-sa-del-responses-failed', nlabel => 'security.ims_aka.security_association_del.responses.out.failed.count', set => {
key_values => [ { name => 'imsaka_sa_del_fail_resp_out', diff => 1 } ],
output_template => 'responses out failed: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
},
{ label => 'imsaka-sa-del-deleted', nlabel => 'security.ims_aka.security_association_del.deleted.count', set => {
key_values => [ { name => 'imsaka_sa_del_deleted', diff => 1 } ],
output_template => 'deleted: %s',
perfdatas => [
{ template => '%s', min => 0 }
]
}
}
];
}
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options, statefile => 1, force_new_perfdata => 1);
bless $self, $class;
$options{options}->add_options(arguments => {
});
return $self;
}
sub manage_selection {
my ($self, %options) = @_;
my $mapping = {
ipsec_tun_count => { oid => '.1.3.6.1.4.1.9148.3.9.1.1' }, # apSecurityIPsecTunCount
ipsec_tun_used => { oid => '.1.3.6.1.4.1.9148.3.9.1.2' }, # apSecurityIPsecTunCapPct
imsaka_sa_add_req_in => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.2' }, # apSecSAIMSAKAAddReqRcvd
imsaka_sa_add_success_resp_out => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.3' }, # apSecSAIMSAKAAddSuccessRespSent
imsaka_sa_add_fail_resp_out => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.5' }, # apSecSAIMSAKAAddFailRespSent
imsaka_sa_del_req_in => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.13' }, # apSecSAIMSAKADelReqRcvd
imsaka_sa_del_success_resp_out => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.14' }, # apSecSAIMSAKADelSuccessRespSent
imsaka_sa_del_fail_resp_out => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.16' }, # apSecSAIMSAKADelFailRespSent
imsaka_sa_add_created => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.29' }, # apSecSAIMSAKASaCreated
imsaka_sa_del_deleted => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.35' }, # apSecSAIMSAKASaDeleted
imsaka_sa_regs_total => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.71' }, # apSecSAIMSAKARegsTotal
imsaka_sa_regs_protected => { oid => '.1.3.6.1.4.1.9148.3.9.5.2.77' } # apSecSAIMSAKARegsFromPotectedPort
};
my $snmp_result = $options{snmp}->get_leef(
oids => [ map($_->{oid} . '.0', values(%$mapping)) ],
nothing_quit => 1
);
my $result = $options{snmp}->map_instance(mapping => $mapping, results => $snmp_result, instance => 0);
$self->{output}->output_add(short_msg => 'Security is ok');
$self->{ipsec} = {
global => {
ipsec_global => {
ipsec_tun_count => $result->{ipsec_tun_count},
ipsec_tun_used => $result->{ipsec_tun_used},
}
}
};
$self->{ims} = {
global => {
aka_sa_add => {
imsaka_sa_add_created => $result->{imsaka_sa_add_created},
imsaka_sa_add_req_in => $result->{imsaka_sa_add_req_in},
imsaka_sa_add_success_resp_out => $result->{imsaka_sa_add_success_resp_out},
imsaka_sa_add_fail_resp_out => $result->{imsaka_sa_add_fail_resp_out}
},
aka_sa_del => {
imsaka_sa_del_deleted => $result->{imsaka_sa_del_deleted},
imsaka_sa_del_req_in => $result->{imsaka_sa_del_req_in},
imsaka_sa_del_success_resp_out => $result->{imsaka_sa_del_success_resp_out},
imsaka_sa_del_fail_resp_out => $result->{imsaka_sa_del_fail_resp_out}
},
aka_sa_reg => {
imsaka_sa_regs_total => $result->{imsaka_sa_regs_total},
imsaka_sa_regs_protected => $result->{imsaka_sa_regs_protected}
}
}
};
$self->{cache_name} = 'acmepacket_' . $self->{mode} . '_' . $options{snmp}->get_hostname() . '_' . $options{snmp}->get_port() . '_' .
(defined($self->{option_results}->{filter_counters}) ? md5_hex($self->{option_results}->{filter_counters}) : md5_hex('all'));
}
1;
__END__
=head1 MODE
Check security statistics.
=over 8
=item B<--filter-counters>
Only display some counters (regexp can be used).
Example: --filter-counters='registration'
=item B<--warning-*> B<--critical-*>
Thresholds.
Can be: 'registrations-total', 'registrations-protected',
'ipsec-tunnels, 'ipsec-license-usage',
'imsaka-sa-add-requests-in', 'imsaka-sa-add-responses-succeeded', 'imsaka-sa-add-responses-failed', 'imsaka-sa-add-added',
'imsaka-sa-del-requests-in', 'imsaka-sa-del-responses-succeeded', 'imsaka-sa-del-responses-failed', 'imsaka-sa-del-deleted'.
=back
=cut

20
network/acmepacket/snmp/plugin.pm
View File

@ -31,14 +31,18 @@ sub new {
$self->{version} = '1.0';
$self->{modes} = {
'hardware' => 'network::acmepacket::snmp::mode::hardware',
'interfaces' => 'snmp_standard::mode::interfaces',
'list-interfaces' => 'snmp_standard::mode::listinterfaces',
'list-realm' => 'network::acmepacket::snmp::mode::listrealm',
'list-sip' => 'network::acmepacket::snmp::mode::listsip',
'realm-usage' => 'network::acmepacket::snmp::mode::realmusage',
'sip-usage' => 'network::acmepacket::snmp::mode::sipusage',
'system-usage' => 'network::acmepacket::snmp::mode::systemusage'
'codec' => 'network::acmepacket::snmp::mode::codec',
'hardware' => 'network::acmepacket::snmp::mode::hardware',
'interfaces' => 'snmp_standard::mode::interfaces',
'list-interfaces' => 'snmp_standard::mode::listinterfaces',
'list-policy-servers' => 'network::acmepacket::snmp::mode::listpolicyservers',
'list-realm' => 'network::acmepacket::snmp::mode::listrealm',
'list-sip' => 'network::acmepacket::snmp::mode::listsip',
'policy-servers' => 'network::acmepacket::snmp::mode::policyservers',
'realm-usage' => 'network::acmepacket::snmp::mode::realmusage',
'security' => 'network::acmepacket::snmp::mode::security',
'sip-usage' => 'network::acmepacket::snmp::mode::sipusage',
'system-usage' => 'network::acmepacket::snmp::mode::systemusage'
};
return $self;