New ldap protocol plugin
Quentin Garnier 2014-09-04 17:01:28 +02:00
parent 6160dca198
commit 8d0ae97eea
6 changed files with 600 additions and 2 deletions


@ -0,0 +1,147 @@
###############################################################################
# Copyright 2005-2014 MERETHIS
# Centreon is developped by : Julien Mathis and Romain Le Merlus under
# GPL Licence 2.0.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation ; either version 2 of the License.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, see <http://www.gnu.org/licenses>.
#
# Linking this program statically or dynamically with other modules is making a
# combined work based on this program. Thus, the terms and conditions of the GNU
# General Public License cover the whole combination.
#
# As a special exception, the copyright holders of this program give MERETHIS
# permission to link this program with independent modules to produce an timeelapsedutable,
# regardless of the license terms of these independent modules, and to copy and
# distribute the resulting timeelapsedutable under terms of MERETHIS choice, provided that
# MERETHIS also meet, for each linked independent module, the terms and conditions
# of the license of that module. An independent module is a module which is not
# derived from this program. If you modify this program, you may extend this
# exception to your version of the program, but you are not obliged to do so. If you
# do not wish to do so, delete this exception statement from your version.
#
# For more information : contact@centreon.com
# Author : Simon BOMM <sbomm@merethis.com>
#
####################################################################################
package apps::protocols::ldap::lib::ldap;
use strict;
use warnings;
use Net::LDAP;
my $ldap_handle;
my $connected = 0;
sub quit {
if ($connected == 1) {
$ldap_handle->unbind;
}
}
sub search {
my ($self, %options) = @_;
my %ldap_search_options = ();
$ldap_search_options{base} = $self->{option_results}->{search_base};
$ldap_search_options{filter} = $self->{option_results}->{search_filter};
my $attrs;
foreach my $option (@{$self->{option_results}->{ldap_search_options}}) {
next if ($option !~ /^(.+?)=(.+)$/);
if ($1 =~ /attrs/) {
$attrs = [] if (!defined($attrs));
push @$attrs, $2;
} else {
$ldap_search_options{$1} = $2;
}
}
$ldap_search_options{attrs} = $attrs if (defined($attrs));
my $search_result = $ldap_handle->search(%ldap_search_options);
if ($search_result->code) {
$self->{output}->output_add(severity => 'UNKNOWN',
short_msg => 'Search operation error: ' . $search_result->error);
$self->{output}->display();
$self->{output}->exit();
}
return $search_result;
}
sub connect {
my ($self, %options) = @_;
my %ldap_connect_options = ();
my %ldap_bind_options = ();
if (defined($self->{option_results}->{username}) && $self->{option_results}->{username} ne '' &&
!defined($self->{option_results}->{password})) {
$self->{output}->add_option_msg(short_msg => "Please set --password option.");
$self->{output}->option_exit();
}
my $connection_exit = defined($options{connection_exit}) ? $options{connection_exit} : 'unknown';
$ldap_connect_options{timeout} = $self->{option_results}->{timeout} if (defined($self->{option_results}->{timeout}));
foreach my $option (@{$self->{option_results}->{ldap_connect_options}}) {
next if ($option !~ /^(.+?)=(.+)$/);
$ldap_connect_options{$1} = $2;
}
$ldap_handle = Net::LDAP->new($self->{option_results}->{hostname}, %ldap_connect_options);
if (!defined($ldap_handle)) {
$self->{output}->output_add(severity => $connection_exit,
short_msg => 'Unable to connect to LDAP: ' . $@);
$self->{output}->display();
$self->{output}->exit();
}
# TLS Process
if (defined($self->{option_results}->{use_tls})) {
my %ldap_starttls_options = ();
foreach my $option (@{$self->{option_results}->{ldap_starttls_options}}) {
next if ($option !~ /^(.+?)=(.+)$/);
$ldap_starttls_options{$1} = $2;
}
my $tls_result = $ldap_handle->start_tls(%ldap_starttls_options);
if ($tls_result->code) {
$self->{output}->output_add(severity => $connection_exit,
short_msg => 'Start TLS operation error: ' . $tls_result->error);
$self->{output}->display();
$self->{output}->exit();
}
}
# Bind process
my $username;
if (defined($self->{option_results}->{username}) && $self->{option_results}->{username} ne '') {
$ldap_bind_options{password} = $self->{option_results}->{password};
$username = $self->{option_results}->{username};
}
foreach my $option (@{$self->{option_results}->{ldap_bind_options}}) {
next if ($option !~ /^(.+?)=(.+)$/);
$ldap_bind_options{$1} = $2;
}
my $bind_result = $ldap_handle->bind($username, %ldap_bind_options);
if ($bind_result->code) {
$self->{output}->output_add(severity => $connection_exit,
short_msg => 'Bind operation error: ' . $bind_result->error);
$self->{output}->display();
$self->{output}->exit();
}
$connected = 1;
}
1;
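Review bot: In search(), the test `if ($1 =~ /attrs/)` is itself a successful regex match with no capture groups, so inside that branch `$2` no longer holds the value captured from the option and `push @$attrs, $2` pushes undef; the unanchored pattern also sends any key that merely contains "attrs" down this branch. Copy the captures first with `my ($key, $value) = ($1, $2);`, test `if ($key eq 'attrs')`, and use `$key`/`$value` in both branches. Separately, the guard at the top of connect() rejects only an undefined password, so `--username` with an empty `--password` presumably reaches bind() as a DN with an empty password, which RFC 4513 treats as an unauthenticated bind that a server may accept. The check can then report success without the credential having been verified; extending the guard to `(!defined($self->{option_results}->{password}) || $self->{option_results}->{password} eq '')` would reject that case.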


@ -0,0 +1,178 @@
###############################################################################
# Copyright 2005-2014 MERETHIS
# Centreon is developped by : Julien Mathis and Romain Le Merlus under
# GPL Licence 2.0.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation ; either version 2 of the License.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, see <http://www.gnu.org/licenses>.
#
# Linking this program statically or dynamically with other modules is making a
# combined work based on this program. Thus, the terms and conditions of the GNU
# General Public License cover the whole combination.
#
# As a special exception, the copyright holders of this program give MERETHIS
# permission to link this program with independent modules to produce an timeelapsedutable,
# regardless of the license terms of these independent modules, and to copy and
# distribute the resulting timeelapsedutable under terms of MERETHIS choice, provided that
# MERETHIS also meet, for each linked independent module, the terms and conditions
# of the license of that module. An independent module is a module which is not
# derived from this program. If you modify this program, you may extend this
# exception to your version of the program, but you are not obliged to do so. If you
# do not wish to do so, delete this exception statement from your version.
#
# For more information : contact@centreon.com
# Author : Quentin Garnier <qgarnier@merethis.com>
#
####################################################################################
package apps::protocols::ldap::mode::login;
use base qw(centreon::plugins::mode);
use strict;
use warnings;
use Time::HiRes qw(gettimeofday tv_interval);
use apps::protocols::ldap::lib::ldap;
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
bless $self, $class;
$self->{version} = '1.0';
$options{options}->add_options(arguments =>
{
"hostname:s" => { name => 'hostname' },
"ldap-connect-options:s@" => { name => 'ldap_connect_options' },
"ldap-starttls-options:s@" => { name => 'ldap_starttls_options' },
"ldap-bind-options:s@" => { name => 'ldap_bind_options' },
"tls" => { name => 'use_tls' },
"username:s" => { name => 'username' },
"password:s" => { name => 'password' },
"warning:s" => { name => 'warning' },
"critical:s" => { name => 'critical' },
"timeout:s" => { name => 'timeout', default => '30' },
});
return $self;
}
sub check_options {
my ($self, %options) = @_;
$self->SUPER::init(%options);
if (($self->{perfdata}->threshold_validate(label => 'warning', value => $self->{option_results}->{warning})) == 0) {
$self->{output}->add_option_msg(short_msg => "Wrong warning threshold '" . $self->{option_results}->{warning} . "'.");
$self->{output}->option_exit();
}
if (($self->{perfdata}->threshold_validate(label => 'critical', value => $self->{option_results}->{critical})) == 0) {
$self->{output}->add_option_msg(short_msg => "Wrong critical threshold '" . $self->{option_results}->{critical} . "'.");
$self->{output}->option_exit();
}
if (!defined($self->{option_results}->{hostname})) {
$self->{output}->add_option_msg(short_msg => "Please set the hostname option");
$self->{output}->option_exit();
}
}
sub run {
my ($self, %options) = @_;
my $timing0 = [gettimeofday];
apps::protocols::ldap::lib::ldap::connect($self, connection_exit => 'critical');
apps::protocols::ldap::lib::ldap::quit();
my $timeelapsed = tv_interval ($timing0, [gettimeofday]);
my $exit = $self->{perfdata}->threshold_check(value => $timeelapsed,
threshold => [ { label => 'critical', 'exit_litteral' => 'critical' }, { label => 'warning', exit_litteral => 'warning' } ]);
$self->{output}->output_add(severity => $exit,
short_msg => sprintf("Response time %.3f second(s)", $timeelapsed));
$self->{output}->perfdata_add(label => "time", unit => 's',
value => sprintf('%.3f', $timeelapsed),
warning => $self->{perfdata}->get_perfdata_for_output(label => 'warning'),
critical => $self->{perfdata}->get_perfdata_for_output(label => 'critical'));
$self->{output}->display();
$self->{output}->exit();
}
1;
__END__
=head1 MODE
Check Connection (also login) to an LDAP Server.
LDAP Control are not still managed.
=over 8
=item B<--hostname>
IP Addr/FQDN of the ldap host
=item B<--ldap-connect-options>
Add custom ldap connect options:
=over 16
=item B<Set SSL connection>
--ldap-connect-options='scheme=ldaps'
=item B<Set LDAP version 2>
--ldap-connect-options='version=2'
=back
=item B<--ldap-starttls-options>
Add custom start tls options (need --tls option):
=over 16
=item B<An example>
--ldap-starttls-options='verify=none'
=back
=item B<--ldap-bind-options>
Add custom bind options (can force noauth) (not really useful now).
=item B<--username>
Specify username for authentification (can be a DN)
=item B<--password>
Specify password for authentification
=item B<--timeout>
Connection timeout in seconds (Default: 30)
=item B<--warning>
Threshold warning in seconds
=item B<--critical>
Threshold critical in seconds
=back
=cut
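Review bot: The only start_tls example in the POD is `--ldap-starttls-options='verify=none'`, which turns off server certificate verification, so the bind that follows can hand the `--password` value to whichever host answers on that address. I would document a verifying example instead, such as `--ldap-starttls-options='verify=require' --ldap-starttls-options='cafile=/path/to/ca.pem'` (the path is a placeholder), and keep `verify=none` only as an explicitly labelled test setting. The `--password` entry should also state that without `--tls` or `--ldap-connect-options='scheme=ldaps'` the simple bind sends the password unencrypted.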


@ -0,0 +1,209 @@
###############################################################################
# Copyright 2005-2014 MERETHIS
# Centreon is developped by : Julien Mathis and Romain Le Merlus under
# GPL Licence 2.0.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation ; either version 2 of the License.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, see <http://www.gnu.org/licenses>.
#
# Linking this program statically or dynamically with other modules is making a
# combined work based on this program. Thus, the terms and conditions of the GNU
# General Public License cover the whole combination.
#
# As a special exception, the copyright holders of this program give MERETHIS
# permission to link this program with independent modules to produce an timeelapsedutable,
# regardless of the license terms of these independent modules, and to copy and
# distribute the resulting timeelapsedutable under terms of MERETHIS choice, provided that
# MERETHIS also meet, for each linked independent module, the terms and conditions
# of the license of that module. An independent module is a module which is not
# derived from this program. If you modify this program, you may extend this
# exception to your version of the program, but you are not obliged to do so. If you
# do not wish to do so, delete this exception statement from your version.
#
# For more information : contact@centreon.com
# Author : Quentin Garnier <qgarnier@merethis.com>
#
####################################################################################
package apps::protocols::ldap::mode::search;
use base qw(centreon::plugins::mode);
use strict;
use warnings;
use Time::HiRes qw(gettimeofday tv_interval);
use apps::protocols::ldap::lib::ldap;
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
bless $self, $class;
$self->{version} = '1.0';
$options{options}->add_options(arguments =>
{
"hostname:s" => { name => 'hostname' },
"search-base:s" => { name => 'search_base' },
"search-filter:s" => { name => 'search_filter' },
"ldap-connect-options:s@" => { name => 'ldap_connect_options' },
"ldap-starttls-options:s@" => { name => 'ldap_starttls_options' },
"ldap-bind-options:s@" => { name => 'ldap_bind_options' },
"ldap-search-options:s@" => { name => 'ldap_search_options' },
"tls" => { name => 'use_tls' },
"username:s" => { name => 'username' },
"password:s" => { name => 'password' },
"warning:s" => { name => 'warning' },
"critical:s" => { name => 'critical' },
"timeout:s" => { name => 'timeout', default => '30' },
});
return $self;
}
sub check_options {
my ($self, %options) = @_;
$self->SUPER::init(%options);
if (($self->{perfdata}->threshold_validate(label => 'warning', value => $self->{option_results}->{warning})) == 0) {
$self->{output}->add_option_msg(short_msg => "Wrong warning threshold '" . $self->{option_results}->{warning} . "'.");
$self->{output}->option_exit();
}
if (($self->{perfdata}->threshold_validate(label => 'critical', value => $self->{option_results}->{critical})) == 0) {
$self->{output}->add_option_msg(short_msg => "Wrong critical threshold '" . $self->{option_results}->{critical} . "'.");
$self->{output}->option_exit();
}
if (!defined($self->{option_results}->{hostname})) {
$self->{output}->add_option_msg(short_msg => "Please set the hostname option");
$self->{output}->option_exit();
}
if (!defined($self->{option_results}->{search_base})) {
$self->{output}->add_option_msg(short_msg => "Please set the search-base option");
$self->{output}->option_exit();
}
if (!defined($self->{option_results}->{search_filter})) {
$self->{output}->add_option_msg(short_msg => "Please set the search-filter option");
$self->{output}->option_exit();
}
}
sub run {
my ($self, %options) = @_;
my $timing0 = [gettimeofday];
apps::protocols::ldap::lib::ldap::connect($self);
my $search_result = apps::protocols::ldap::lib::ldap::search($self);
apps::protocols::ldap::lib::ldap::quit();
my $timeelapsed = tv_interval ($timing0, [gettimeofday]);
my $num_entries = scalar($search_result->entries);
my $exit = $self->{perfdata}->threshold_check(value => $num_entries,
threshold => [ { label => 'critical', 'exit_litteral' => 'critical' }, { label => 'warning', exit_litteral => 'warning' } ]);
$self->{output}->output_add(severity => $exit,
short_msg => sprintf("Number of results returned: %s", $num_entries));
$self->{output}->perfdata_add(label => "time", unit => 's',
value => sprintf('%.3f', $timeelapsed),
warning => $self->{perfdata}->get_perfdata_for_output(label => 'warning'),
critical => $self->{perfdata}->get_perfdata_for_output(label => 'critical'));
$self->{output}->display();
$self->{output}->exit();
}
1;
__END__
=head1 MODE
Check search results (by default it uses the scope 'sub').
LDAP Control are not still managed.
Example:
centreon_plugins.pl --plugin=apps::protocols::ldap::plugin --mode=search --hostname='xxx.xxx.xxx.xxx'
--username='cn=Manager,dc=merethis,dc=com' --password='secret' --search-base='dc=merethis,dc=com' --search-filter='(objectclass=organizationalunit)'
=over 8
=item B<--hostname>
IP Addr/FQDN of the ldap host (required).
=item B<--search-base>
Set the DN that is the base object entry relative to which the
search is to be performed (required).
=item B<--search-filter>
Set filter that defines the conditions an entry in the directory
must meet in order for it to be returned by the search (required).
=item B<--ldap-connect-options>
Add custom ldap connect options:
=over 16
=item B<Set SSL connection>
--ldap-connect-options='scheme=ldaps'
=item B<Set LDAP version 2>
--ldap-connect-options='version=2'
=back
=item B<--ldap-starttls-options>
Add custom start tls options (need --tls option):
=over 16
=item B<An example>
--ldap-starttls-options='verify=none'
=back
=item B<--ldap-bind-options>
Add custom bind options (can force noauth) (not really useful now).
=item B<--ldap-search-options>
Add custom search options (can change the scope for example).
=item B<--username>
Specify username for authentification (can be a DN)
=item B<--password>
Specify password for authentification
=item B<--timeout>
Connection timeout in seconds (Default: 30)
=item B<--warning>
Threshold warning (number of results)
=item B<--critical>
Threshold critical (number of results)
=back
=cut
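Review bot: In run(), the warning and critical thresholds are evaluated against `$num_entries`, yet the only perfdata emitted is `time`, and it carries those same thresholds. The result-count limits therefore end up attached to a seconds series, and the entry count itself is never exported. Add a second `perfdata_add(label => "entries", value => $num_entries, ...)` that carries the warning/critical values, and drop them from the `time` metric. `scalar($search_result->entries)` also depends on how entries() behaves in scalar context; `$search_result->count` states the intent directly.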


@ -0,0 +1,64 @@
################################################################################
# Copyright 2005-2014 MERETHIS
# Centreon is developped by : Julien Mathis and Romain Le Merlus under
# GPL Licence 2.0.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation ; either version 2 of the License.
#
# This program is distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, see <http://www.gnu.org/licenses>.
#
# Linking this program statically or dynamically with other modules is making a
# combined work based on this program. Thus, the terms and conditions of the GNU
# General Public License cover the whole combination.
#
# As a special exception, the copyright holders of this program give MERETHIS
# permission to link this program with independent modules to produce an executable,
# regardless of the license terms of these independent modules, and to copy and
# distribute the resulting executable under terms of MERETHIS choice, provided that
# MERETHIS also meet, for each linked independent module, the terms and conditions
# of the license of that module. An independent module is a module which is not
# derived from this program. If you modify this program, you may extend this
# exception to your version of the program, but you are not obliged to do so. If you
# do not wish to do so, delete this exception statement from your version.
#
# For more information : contact@centreon.com
# Authors : Quentin Garnier <qgarnier@merethis.com>
#
####################################################################################
package apps::protocols::ldap::plugin;
use strict;
use warnings;
use base qw(centreon::plugins::script_simple);
sub new {
my ($class, %options) = @_;
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
bless $self, $class;
# $options->{options} = options object
$self->{version} = '0.1';
%{$self->{modes}} = (
'login' => 'apps::protocols::ldap::mode::login',
'search' => 'apps::protocols::ldap::mode::search',
);
return $self;
}
1;
__END__
=head1 PLUGIN DESCRIPTION
Check a LDAP server.
=cut


@ -116,7 +116,7 @@ Check Connection (also login) to an SMTP Server.
=item B<--hostname>
IP Addr/FQDN of the ftp host
IP Addr/FQDN of the smtp host
=item B<--port>


@ -59,6 +59,6 @@ __END__
=head1 PLUGIN DESCRIPTION
Check an SMTP server.
Check a SMTP server.
=cut