From 8473f5fb507b58ee2d70513c5795065156947459 Mon Sep 17 00:00:00 2001 From: Simon Bomm Date: Mon, 16 Apr 2018 22:18:02 +0200 Subject: [PATCH] Sonicwall plugin (#922) * + add plugin for sonicwall Ref https://github.com/centreon/centreon-plugins/issues/914 --- network/sonicwall/snmp/mode/connections.pm | 105 ++++++++++ network/sonicwall/snmp/mode/cpu.pm | 96 ++++++++++ network/sonicwall/snmp/mode/memory.pm | 96 ++++++++++ network/sonicwall/snmp/mode/vpn.pm | 213 +++++++++++++++++++++ network/sonicwall/snmp/plugin.pm | 51 +++++ 5 files changed, 561 insertions(+) create mode 100644 network/sonicwall/snmp/mode/connections.pm create mode 100644 network/sonicwall/snmp/mode/cpu.pm create mode 100644 network/sonicwall/snmp/mode/memory.pm create mode 100644 network/sonicwall/snmp/mode/vpn.pm create mode 100644 network/sonicwall/snmp/plugin.pm diff --git a/network/sonicwall/snmp/mode/connections.pm b/network/sonicwall/snmp/mode/connections.pm new file mode 100644 index 000000000..38f072f70 --- /dev/null +++ b/network/sonicwall/snmp/mode/connections.pm @@ -0,0 +1,105 @@ +# +# Copyright 2018 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package network::sonicwall::snmp::mode::connections; + +use base qw(centreon::plugins::templates::counter); + +use strict; +use warnings; + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'connections', type => 0 }, + ]; + $self->{maps_counters}->{connections} = [ + { label => 'usage', set => { + key_values => [ { name => 'prct_used' }, { name => 'total' }, { name => 'used' } ], + closure_custom_output => $self->can('custom_usage_output'), + perfdatas => [ + { label => 'connections', value => 'used_absolute', template => '%s', + min => 0, max => 'total_absolute', threshold_total => 'total_absolute', cast_int => 1 }, + ], + } + }, + ]; +} + +sub custom_usage_output { + my ($self, %options) = @_; + + my $msg = sprintf("%.2f%% of the connections cached are used (%d of max. %d)", + $self->{result_values}->{prct_used_absolute}, + $self->{result_values}->{used_absolute}, + $self->{result_values}->{total_absolute}); + return $msg; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => + { + }); + + return $self; +} + +sub manage_selection { + my ($self, %options) = @_; + + my $oid_sonicMaxConnCacheEntries = '.1.3.6.1.4.1.8741.1.3.1.1.0'; + my $oid_sonicCurrentConnCacheEntries = '.1.3.6.1.4.1.8741.1.3.1.2.0'; + + my $result = $options{snmp}->get_leef(oids => [$oid_sonicMaxConnCacheEntries, $oid_sonicCurrentConnCacheEntries], nothing_quit => 1); + + $self->{connections} = { total => $result->{$oid_sonicMaxConnCacheEntries}, + used => $result->{$oid_sonicCurrentConnCacheEntries}, + prct_used => $result->{$oid_sonicCurrentConnCacheEntries} * 100 / $result->{$oid_sonicMaxConnCacheEntries}, + }; + +} + +1; + +__END__ + +=head1 MODE + +Check Sonicwall connections usage + +=over 8 + +=item B<--warning-usage> + +Threshold warning. Usage (%) + +=item B<--critical-usage> + +Threshold critical. Usage (%) + +=back + +=cut diff --git a/network/sonicwall/snmp/mode/cpu.pm b/network/sonicwall/snmp/mode/cpu.pm new file mode 100644 index 000000000..914101024 --- /dev/null +++ b/network/sonicwall/snmp/mode/cpu.pm @@ -0,0 +1,96 @@ +# +# Copyright 2018 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package network::sonicwall::snmp::mode::cpu; + +use base qw(centreon::plugins::templates::counter); + +use strict; +use warnings; + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'cpu_usage', type => 0, cb_prefix_output => 'prefix_cpu_output' }, + ]; + + $self->{maps_counters}->{cpu_usage} = [ + { label => 'cpu', set => { + key_values => [ { name => 'prct_used' } ], + output_template => '%.2f %%', + perfdatas => [ + { label => 'cpu', value => 'prct_used_absolute', template => '%.2f', + unit => '%', min => 0, max => 100 }, + ], + } + }, + ]; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => + { + }); + + return $self; +} + +sub prefix_cpu_output { + my ($self, %options) = @_; + + return "CPU Usage "; +} + +sub manage_selection { + my ($self, %options) = @_; + + my $oid_sonicCurrentCPUUtil = '.1.3.6.1.4.1.8741.1.3.1.3.0'; + my $snmp_result = $options{snmp}->get_leef(oids => [$oid_sonicCurrentCPUUtil], nothing_quit => 1); + + $self->{cpu_usage} = { prct_used => $snmp_result->{$oid_sonicCurrentCPUUtil} }; +} + +1; + +__END__ + +=head1 MODE + +Check CPU usage. + +=over 8 + +=item B<--warning-cpu> + +Threshold warning. + +=item B<--critical-cpu> + +Threshold critical. + +=back + +=cut diff --git a/network/sonicwall/snmp/mode/memory.pm b/network/sonicwall/snmp/mode/memory.pm new file mode 100644 index 000000000..d52b8fe80 --- /dev/null +++ b/network/sonicwall/snmp/mode/memory.pm @@ -0,0 +1,96 @@ +# +# Copyright 2018 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package network::sonicwall::snmp::mode::memory; + +use base qw(centreon::plugins::templates::counter); + +use strict; +use warnings; + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'memory_usage', type => 0, cb_prefix_output => 'prefix_memory_output' }, + ]; + + $self->{maps_counters}->{memory_usage} = [ + { label => 'memory', set => { + key_values => [ { name => 'prct_used' } ], + output_template => '%.2f %%', + perfdatas => [ + { label => 'memory', value => 'prct_used_absolute', template => '%.2f', + unit => '%', min => 0, max => 100 }, + ], + } + }, + ]; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => + { + }); + + return $self; +} + +sub prefix_memory_output { + my ($self, %options) = @_; + + return "Memory Usage "; +} + +sub manage_selection { + my ($self, %options) = @_; + + my $oid_sonicCurrentRAMUtil = '.1.3.6.1.4.1.8741.1.3.1.4.0'; + my $snmp_result = $options{snmp}->get_leef(oids => [$oid_sonicCurrentRAMUtil], nothing_quit => 1); + + $self->{memory_usage} = { prct_used => $snmp_result->{$oid_sonicCurrentRAMUtil} }; +} + +1; + +__END__ + +=head1 MODE + +Check Memory usage. + +=over 8 + +=item B<--warning-memory> + +Threshold warning. (percent) + +=item B<--critical-memory> + +Threshold critical. (percent) + +=back + +=cut diff --git a/network/sonicwall/snmp/mode/vpn.pm b/network/sonicwall/snmp/mode/vpn.pm new file mode 100644 index 000000000..0fb68498b --- /dev/null +++ b/network/sonicwall/snmp/mode/vpn.pm @@ -0,0 +1,213 @@ +# +# Copyright 2018 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package network::sonicwall::snmp::mode::vpn; + +use base qw(centreon::plugins::templates::counter); + +use strict; +use warnings; +use Digest::MD5 qw(md5_hex); + +my $instance_mode; + +sub custom_status_threshold { + my ($self, %options) = @_; + my $status = 'ok'; + my $message; + + eval { + local $SIG{__WARN__} = sub { $message = $_[0]; }; + local $SIG{__DIE__} = sub { $message = $_[0]; }; + + if (defined($instance_mode->{option_results}->{critical_status}) && $instance_mode->{option_results}->{critical_status} ne '' && + eval "$instance_mode->{option_results}->{critical_status}") { + $status = 'critical'; + } elsif (defined($instance_mode->{option_results}->{warning_status}) && $instance_mode->{option_results}->{warning_status} ne '' && + eval "$instance_mode->{option_results}->{warning_status}") { + $status = 'warning'; + } + }; + if (defined($message)) { + $self->{output}->output_add(long_msg => 'filter status issue: ' . $message); + } + + return $status; +} + +sub custom_status_output { + my ($self, %options) = @_; + + my $msg = 'connection status : ' . $self->{result_values}->{connectstatus} . ' [activation status: ' . $self->{result_values}->{activestatus} . ']'; + return $msg; +} + +sub custom_status_calc { + my ($self, %options) = @_; + + $self->{result_values}->{activestatus} = $options{new_datas}->{$self->{instance} . '_activestatus'}; + $self->{result_values}->{connectstatus} = $options{new_datas}->{$self->{instance} . '_connectstatus'}; + $self->{result_values}->{display} = $options{new_datas}->{$self->{instance} . '_display'}; + return 0; +} + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'vpn', type => 1, cb_prefix_output => 'prefix_vpn_output', message_multiple => 'All VPN tunnels are OK' }, + ]; + + $self->{maps_counters}->{vpn} = [ + { label => 'traffic-in', set => { + key_values => [ { name => 'traffic_in', diff => 1 }, { name => 'display' } ], + per_second => 1, output_change_bytes => 2, + output_template => 'Traffic In: %s %s/s', + perfdatas => [ + { label => 'traffic_in', value => 'traffic_in_per_second', template => '%.2f', + min => 0, unit => 'b/s', label_extra_instance => 1, instance_use => 'display_absolute' }, + ], + } + }, + { label => 'traffic-out', set => { + key_values => [ { name => 'traffic_out', diff => 1 }, { name => 'display' } ], + per_second => 1, output_change_bytes => 2, + output_template => 'Traffic Out: %s %s/s', + perfdatas => [ + { label => 'traffic_out', value => 'traffic_out_per_second', template => '%.2f', + min => 0, unit => 'b/s', label_extra_instance => 1, instance_use => 'display_absolute' }, + ], + } + } + ]; +} + +sub prefix_vpn_output { + my ($self, %options) = @_; + + return "VPN '" . $options{instance_value}->{display} . "' "; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, statefile => 1); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => + { + "filter-name:s" => { name => 'filter_name' }, + "warning-status:s" => { name => 'warning_status', default => '' }, + "critical-status:s" => { name => 'critical_status', default => '%{connectstatus} eq "disconnected"' }, + }); + return $self; +} + +sub change_macros { + my ($self, %options) = @_; + + foreach (('warning_status', 'critical_status')) { + if (defined($self->{option_results}->{$_})) { + $self->{option_results}->{$_} =~ s/%\{(.*?)\}/\$self->{result_values}->{$1}/g; + } + } +} + +sub check_options { + my ($self, %options) = @_; + $self->SUPER::check_options(%options); + + $self->change_macros(); + $instance_mode = $self; +} + +my $oid_sonicSAStatEntry = '.1.3.6.1.4.1.8741.1.3.2.1.1.1'; +my $oid_sonicSAStatUserName = '.1.3.6.1.4.1.8741.1.3.2.1.1.1.14'; +my $oid_sonicSAStatEncryptByteCount = '.1.3.6.1.4.1.8741.1.3.2.1.1.1.9'; +my $oid_sonicSAStatDecryptByteCount = '.1.3.6.1.4.1.8741.1.3.2.1.1.1.11'; + +sub manage_selection { + my ($self, %options) = @_; + + $self->{cache_name} = "sonicwall_" . $options{snmp}->get_hostname() . '_' . $options{snmp}->get_port() . '_' . $self->{mode} . '_' . + (defined($self->{option_results}->{filter_counters}) ? md5_hex($self->{option_results}->{filter_counters}) : md5_hex('all')) . '_' . + (defined($self->{option_results}->{filter_name}) ? md5_hex($self->{option_results}->{filter_name}) : md5_hex('all')); + + $self->{vpn} = {}; + my $result = $options{snmp}->get_table(oid => $oid_sonicSAStatEntry, nothing_quit => 1); + + foreach my $oid (sort keys %{$result}) { + next if ($oid !~ /^$oid_sonicSAStatUserName\.(.*)$/); + my $instance = $1; + + if (defined($self->{option_results}->{filter_name}) && $self->{option_results}->{filter_name} ne '' && + $result->{$oid_sonicSAStatUserName . '.' . $instance} !~ /$self->{option_results}->{filter_name}/) { + $self->{output}->output_add(long_msg => "skipping '" . $result->{$oid_sonicSAStatUserName . '.' . $instance} . "': no matching filter.", debug => 1); + next; + } + + $self->{vpn}->{$result->{$oid_sonicSAStatUserName . '.' . $instance}} = { traffic_in => $result->{$oid_sonicSAStatEncryptByteCount . '.' . $instance} * 8, + traffic_out => $result->{$oid_sonicSAStatDecryptByteCount . '.' . $instance} * 8, + display => $result->{$oid_sonicSAStatUserName . '.' . $instance} }; + } + + if (scalar(keys %{$self->{vpn}}) <= 0) { + $self->{output}->add_option_msg(short_msg => "No vpn found."); + $self->{output}->option_exit(); + } +} + +1; + +__END__ + +=head1 MODE + +Check VPN state and traffic. + +=over 8 + +=item B<--filter-name> + +Filter vpn name with regexp. + +=item B<--warning-*> + +Threshold warning. +Can be: 'traffic-in', 'traffic-out'. + +=item B<--critical-*> + +Threshold critical. +Can be: 'traffic-in', 'traffic-out'. + +=item B<--warning-status> + +Set warning threshold for status. +Can used special variables like: %{activestatus}, %{connectstatus}, %{display} + +=item B<--critical-status> + +Set critical threshold for status (Default: '%{connectstatus} eq "disconnected"'). +Can used special variables like: %{activestatus}, %{connectstatus}, %{display} + +=back + +=cut diff --git a/network/sonicwall/snmp/plugin.pm b/network/sonicwall/snmp/plugin.pm new file mode 100644 index 000000000..047c8f607 --- /dev/null +++ b/network/sonicwall/snmp/plugin.pm @@ -0,0 +1,51 @@ +# +# Copyright 2018 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package network::sonicwall::snmp::plugin; + +use strict; +use warnings; +use base qw(centreon::plugins::script_snmp); + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options); + bless $self, $class; + + $self->{version} = '1.0'; + %{$self->{modes}} = ( + 'cpu' => 'network::sonicwall::snmp::mode::cpu', + 'memory' => 'network::sonicwall::snmp::mode::memory', + 'connections' => 'network::sonicwall::snmp::mode::connections', + 'vpn' => 'network::sonicwall::snmp::mode::vpn', + ); + + return $self; +} + +1; + +__END__ + +=head1 PLUGIN DESCRIPTION + +Check Sonicwall firewalls equipments in SNMP + +=cut