tyler.durden/centreon-plugins
1
0
Fork 0
mirror of https://github.com/centreon/centreon-plugins.git synced 2025-07-29 08:34:46 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(meraki-restapi): fix cisco meraki vpn-tunnels mode (#5384, #5283)

Browse Source 
Co-authored-by: garnier-quentin <garnier.quentin@gmail.com>

Refs: CTOR-1086
This commit is contained in:
omercier 2025-01-13 10:17:32 +01:00 committed by GitHub
parent 7149c95144
commit accf292b62
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 207 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
src/network/cisco/meraki/cloudcontroller/restapi/mode/listvpntunnels.pm
View File

@ -31,8 +31,11 @@ my @labels = (
'network_id', 'network_id',
'network_name', 'network_name',
'device_serial', 'device_serial',
'mode', 'device_mode',
'status' 'device_status',
'vpn_type',
'vpn_name',
'vpn_status'
); );
sub new { sub new {
@ -62,26 +65,46 @@ sub manage_selection {
orgs => [keys %$organizations] orgs => [keys %$organizations]
); );
my $results = {}; my $results = [];
foreach (keys %$devices) { foreach my $id (keys %$devices) {
next if (defined($self->{option_results}->{filter_network_id}) && $self->{option_results}->{filter_network_id} ne '' && next if (defined($self->{option_results}->{filter_network_id}) && $self->{option_results}->{filter_network_id} ne '' &&
$devices->{$_}->{networkId} !~ /$self->{option_results}->{filter_network_id}/); $devices->{$id}->{networkId} !~ /$self->{option_results}->{filter_network_id}/);
next if (defined($self->{option_results}->{filter_organization_id}) && $self->{option_results}->{filter_organization_id} ne '' && next if (defined($self->{option_results}->{filter_organization_id}) && $self->{option_results}->{filter_organization_id} ne '' &&
$devices->{$_}->{organizationId} !~ /$self->{option_results}->{filter_organization_id}/); $devices->{$id}->{organizationId} !~ /$self->{option_results}->{filter_organization_id}/);
my $organization_name = $organizations->{ $devices->{$_}->{organizationId} }->{name}; my $organization_name = $organizations->{ $devices->{$id}->{organizationId} }->{name};
next if (defined($self->{option_results}->{filter_organization_name}) && $self->{option_results}->{filter_organization_name} ne '' && next if (defined($self->{option_results}->{filter_organization_name}) && $self->{option_results}->{filter_organization_name} ne '' &&
$organization_name !~ /$self->{option_results}->{filter_organization_name}/); $organization_name !~ /$self->{option_results}->{filter_organization_name}/);
$results->{$_} = { foreach (@{$devices->{$id}->{merakiVpnPeers}}) {
network_id => $devices->{$_}->{networkId}, push @$results, {
network_name => $devices->{$_}->{networkName}, network_id => $devices->{$id}->{networkId},
device_serial => $devices->{$_}->{deviceSerial}, network_name => $devices->{$id}->{networkName},
organization_id => $devices->{$_}->{organizationId}, device_serial => $devices->{$id}->{deviceSerial},
organization_name => $organization_name, organization_id => $devices->{$id}->{organizationId},
mode => $devices->{$_}->{vpnMode}, organization_name => $organization_name,
status => $devices->{$_}->{deviceStatus} device_mode => $devices->{$id}->{vpnMode},
}; device_status => $devices->{$id}->{deviceStatus},
vpn_type => 'meraki',
vpn_name => $_->{networkName},
vpn_status => $_->{reachability}
};
}
foreach (@{$devices->{$id}->{thirdPartyVpnPeers}}) {
push @$results, {
network_id => $devices->{$id}->{networkId},
network_name => $devices->{$id}->{networkName},
device_serial => $devices->{$id}->{deviceSerial},
organization_id => $devices->{$id}->{organizationId},
organization_name => $organization_name,
device_mode => $devices->{$id}->{vpnMode},
device_status => $devices->{$id}->{deviceStatus},
vpn_type => 'thirdParty',
vpn_name => $_->{name},
vpn_status => $_->{reachability}
};
}
} }
return $results; return $results;
@ -91,9 +114,9 @@ sub run {
my ($self, %options) = @_; my ($self, %options) = @_;
my $results = $self->manage_selection(custom => $options{custom}); my $results = $self->manage_selection(custom => $options{custom});
foreach my $instance (sort keys %$results) { foreach my $item (@$results) {
$self->{output}->output_add(long_msg => $self->{output}->output_add(long_msg =>
join('', map("[$_: " . $results->{$instance}->{$_} . ']', @labels)) join('', map("[$_: " . $item->{$_} . ']', @labels))
); );
} }
@ -115,9 +138,9 @@ sub disco_show {
my ($self, %options) = @_; my ($self, %options) = @_;
my $results = $self->manage_selection(custom => $options{custom}); my $results = $self->manage_selection(custom => $options{custom});
foreach (sort keys %$results) { foreach my $item (@$results) {
$self->{output}->add_disco_entry( $self->{output}->add_disco_entry(
%{$results->{$_}} %$item
); );
} }
} }

208
src/network/cisco/meraki/cloudcontroller/restapi/mode/vpntunnels.pm
View File

@ -27,22 +27,46 @@ use warnings;
use centreon::plugins::templates::catalog_functions qw(catalog_status_threshold_ng); use centreon::plugins::templates::catalog_functions qw(catalog_status_threshold_ng);
use Digest::MD5 qw(md5_hex); use Digest::MD5 qw(md5_hex);
sub custom_status_output { sub custom_device_status_output {
my ($self, %options) = @_; my ($self, %options) = @_;
return 'status: ' . $self->{result_values}->{status} . ' [mode: ' . $self->{result_values}->{mode} . ']'; return 'status: ' . $self->{result_values}->{deviceStatus} . ' [mode: ' . $self->{result_values}->{deviceMode} . ']';
} }
sub prefix_tunnel_output { sub custom_vpn_status_output {
my ($self, %options) = @_; my ($self, %options) = @_;
return "vpn tunnel '" . $options{instance_value}->{deviceSerial} . "' "; return 'status: ' . $self->{result_values}->{vpnStatus};
}
sub prefix_vpn_output {
my ($self, %options) = @_;
return "vpn tunnel '" . $options{instance_value}->{vpnName} . "' [type: " . $options{instance_value}->{vpnType} . "] ";
} }
sub prefix_global_output { sub prefix_global_output {
my ($self, %options) = @_; my ($self, %options) = @_;
return 'Vpn tunnels '; return 'Number of VPNS ';
}
sub device_long_output {
my ($self, %options) = @_;
return sprintf(
"checking device '%s'",
$options{instance_value}->{serial}
);
}
sub prefix_device_output {
my ($self, %options) = @_;
return sprintf(
"device '%s' ",
$options{instance_value}->{serial}
);
} }
sub set_counters { sub set_counters {
@ -50,29 +74,18 @@ sub set_counters {
$self->{maps_counters_type} = [ $self->{maps_counters_type} = [
{ name => 'global', type => 0, cb_prefix_output => 'prefix_global_output', skipped_code => { -10 => 1 } }, { name => 'global', type => 0, cb_prefix_output => 'prefix_global_output', skipped_code => { -10 => 1 } },
{ name => 'tunnels', type => 1, cb_prefix_output => 'prefix_tunnel_output', message_multiple => 'All vpn tunnels are ok' } { name => 'devices', type => 3, cb_prefix_output => 'prefix_device_output', cb_long_output => 'device_long_output', indent_long_output => ' ', message_multiple => 'All devices are ok',
group => [
{ name => 'status', type => 0, skipped_code => { -10 => 1 } },
{ name => 'vpns', type => 1, display_long => 1, cb_prefix_output => 'prefix_vpn_output', message_multiple => 'All VPNs are ok', skipped_code => { -10 => 1 } }
]
}
]; ];
$self->{maps_counters}->{global} = [ $self->{maps_counters}->{global} = [
{ label => 'total-online', nlabel => 'vpn.tunnels.online.count', display_ok => 0, set => { { label => 'total-unreachable', nlabel => 'vpn.tunnels.unreachable.count', display_ok => 0, set => {
key_values => [ { name => 'online' }, { name => 'total' } ], key_values => [ { name => 'unreachable' }, { name => 'total' } ],
output_template => 'online: %s', output_template => 'unreachable: %s',
perfdatas => [
{ template => '%s', min => 0, max => 'total' }
]
}
},
{ label => 'total-offline', nlabel => 'vpn.tunnels.offline.count', display_ok => 0, set => {
key_values => [ { name => 'offline' }, { name => 'total' } ],
output_template => 'offline: %s',
perfdatas => [
{ template => '%s', min => 0, max => 'total' }
]
}
},
{ label => 'total-dormant', nlabel => 'vpn.tunnels.dormant.count', display_ok => 0, set => {
key_values => [ { name => 'dormant' }, { name => 'total' } ],
output_template => 'dormant: %s',
perfdatas => [ perfdatas => [
{ template => '%s', min => 0, max => 'total' } { template => '%s', min => 0, max => 'total' }
] ]
@ -80,13 +93,31 @@ sub set_counters {
} }
]; ];
$self->{maps_counters}->{tunnels} = [ $self->{maps_counters}->{status} = [
{ {
label => 'status', type => 2, label => 'device-status',
critical_default => '%{status} =~ /offline/i', type => 2,
unknown_default => '%{status} =~ /offline/i',
set => { set => {
key_values => [ { name => 'status' }, { name => 'mode' }, { name => 'deviceSerial' } ], key_values => [ { name => 'deviceStatus' }, { name => 'deviceMode' }, { name => 'deviceSerial' } ],
closure_custom_output => $self->can('custom_status_output'), closure_custom_output => $self->can('custom_device_status_output'),
closure_custom_perfdata => sub { return 0; },
closure_custom_threshold_check => \&catalog_status_threshold_ng
}
}
];
$self->{maps_counters}->{vpns} = [
{
label => 'vpn-status',
type => 2,
critical_default => '%{deviceStatus} =~ /online/i and %{vpnStatus} =~ /unreachable/i',
set => {
key_values => [
{ name => 'vpnStatus' }, { name => 'vpnName' }, { name => 'vpnType' },
{ name => 'deviceStatus' }, { name => 'deviceSerial' }
],
closure_custom_output => $self->can('custom_vpn_status_output'),
closure_custom_perfdata => sub { return 0; }, closure_custom_perfdata => sub { return 0; },
closure_custom_threshold_check => \&catalog_status_threshold_ng closure_custom_threshold_check => \&catalog_status_threshold_ng
} }
@ -103,7 +134,9 @@ sub new {
'filter-network-name:s' => { name => 'filter_network_name' }, 'filter-network-name:s' => { name => 'filter_network_name' },
'filter-organization-name:s' => { name => 'filter_organization_name' }, 'filter-organization-name:s' => { name => 'filter_organization_name' },
'filter-organization-id:s' => { name => 'filter_organization_id' }, 'filter-organization-id:s' => { name => 'filter_organization_id' },
'filter-device-serial:s' => { name => 'filter_device_serial' } 'filter-device-serial:s' => { name => 'filter_device_serial' },
'filter-vpn-type:s' => { name => 'filter_vpn_type' },
'filter-vpn-name:s' => { name => 'filter_vpn_name' }
}); });
return $self; return $self;
@ -114,26 +147,78 @@ sub manage_selection {
my $datas = $options{custom}->get_datas(skipDevices => 1, skipDevicesStatus => 1, skipNetworks => 1); my $datas = $options{custom}->get_datas(skipDevices => 1, skipDevicesStatus => 1, skipNetworks => 1);
$self->{global} = { total => 0, online => 0, offline => 0, dormant => 0 }; $self->{global} = { unreachable => 0 };
$self->{tunnels} = {}; $self->{devices} = {};
foreach my $id (keys %{$datas->{vpn_tunnels_status}}) { foreach my $id (keys %{$datas->{vpn_tunnels_status}}) {
next if (defined($self->{option_results}->{filter_network_name}) && $self->{option_results}->{filter_network_name} ne '' && next if (defined($self->{option_results}->{filter_network_name}) && $self->{option_results}->{filter_network_name} ne '' &&
$datas->{vpn_tunnels_status}->{$id}->{networkName} !~ /$self->{option_results}->{filter_network_name}/); $datas->{vpn_tunnels_status}->{$id}->{networkName} !~ /$self->{option_results}->{filter_network_name}/);
next if (defined($self->{option_results}->{filter_device_serial}) && $self->{option_results}->{filter_device_serial} ne '' &&
$id !~ /$self->{option_results}->{filter_device_serial}/);
next if (defined($self->{option_results}->{filter_organization_id}) && $self->{option_results}->{filter_organization_id} ne '' && next if (defined($self->{option_results}->{filter_organization_id}) && $self->{option_results}->{filter_organization_id} ne '' &&
$datas->{vpn_tunnels_status}->{$id}->{organizationId} !~ /$self->{option_results}->{filter_organization_id}/); $datas->{vpn_tunnels_status}->{$id}->{organizationId} !~ /$self->{option_results}->{filter_organization_id}/);
next if (defined($self->{option_results}->{filter_organization_name}) && $self->{option_results}->{filter_organization_name} ne '' && next if (defined($self->{option_results}->{filter_organization_name}) && $self->{option_results}->{filter_organization_name} ne '' &&
$datas->{orgs}->{ $datas->{vpn_tunnels_status}->{$id}->{organizationId} }->{name} !~ /$self->{option_results}->{filter_organization_name}/); $datas->{orgs}->{ $datas->{vpn_tunnels_status}->{$id}->{organizationId} }->{name} !~ /$self->{option_results}->{filter_organization_name}/);
$self->{tunnels}->{$id} = { $self->{devices}->{$id} = {
deviceSerial => $id, serial => $id,
status => $datas->{vpn_tunnels_status}->{$id}->{deviceStatus}, status => {
mode => $datas->{vpn_tunnels_status}->{$id}->{vpnMode} deviceSerial => $id,
deviceStatus => $datas->{vpn_tunnels_status}->{$id}->{deviceStatus},
deviceMode => $datas->{vpn_tunnels_status}->{$id}->{vpnMode}
},
vpns => {}
}; };
$self->{global}->{total}++; foreach (@{$datas->{vpn_tunnels_status}->{$id}->{merakiVpnPeers}}) {
$self->{global}->{ lc($datas->{vpn_tunnels_status}->{$id}->{deviceStatus}) }++ my $type = 'meraki';
if (defined($self->{global}->{ lc($datas->{vpn_tunnels_status}->{$id}->{deviceStatus}) })); next if (defined($self->{option_results}->{filter_vpn_type}) && $self->{option_results}->{filter_vpn_type} ne '' &&
$type !~ /$self->{option_results}->{filter_vpn_type}/);
next if (defined($self->{option_results}->{filter_vpn_name}) && $self->{option_results}->{filter_vpn_name} ne '' &&
$_->{networkName} !~ /$self->{option_results}->{filter_vpn_name}/);
$self->{devices}->{$id}->{vpns}->{ $_->{networkName} } = {
deviceSerial => $id,
deviceStatus => $datas->{vpn_tunnels_status}->{$id}->{deviceStatus},
vpnType => $type,
vpnName => $_->{networkName},
vpnStatus => $_->{reachability}
};
$self->{global}->{total}++;
$self->{global}->{ lc($_->{reachability}) }++
if (defined($self->{global}->{ lc($_->{reachability}) }));
}
foreach (@{$datas->{vpn_tunnels_status}->{$id}->{thirdPartyVpnPeers}}) {
my $type = 'thirdParty';
next if (defined($self->{option_results}->{filter_vpn_type}) && $self->{option_results}->{filter_vpn_type} ne '' &&
$type !~ /$self->{option_results}->{filter_vpn_type}/);
next if (defined($self->{option_results}->{filter_vpn_name}) && $self->{option_results}->{filter_vpn_name} ne '' &&
$_->{name} !~ /$self->{option_results}->{filter_vpn_name}/);
$self->{devices}->{$id}->{vpns}->{ $_->{name} } = {
deviceSerial => $id,
deviceStatus => $datas->{vpn_tunnels_status}->{$id}->{deviceStatus},
vpnType => $type,
vpnName => $_->{name},
vpnStatus => $_->{reachability}
};
$self->{global}->{total}++;
$self->{global}->{ lc($_->{reachability}) }++
if (defined($self->{global}->{ lc($_->{reachability}) }));
}
}
# we remove entries if there is a --filter-vpn-[type|name] and no --filter-device-serial
if ((!defined($self->{option_results}->{filter_device_serial}) || $self->{option_results}->{filter_device_serial} eq '') &&
((defined($self->{option_results}->{filter_vpn_type}) && $self->{option_results}->{filter_vpn_type} ne '') ||
(defined($self->{option_results}->{filter_vpn_name}) && $self->{option_results}->{filter_vpn_name} ne ''))
) {
foreach my $id (keys %{$self->{devices}}) {
delete $self->{devices}->{$id} if (scalar(keys %{$self->{devices}->{$id}->{vpns}}) <= 0);
}
} }
} }
@ -163,25 +248,48 @@ Filter VPN tunnels by organization name (can be a regexp).
Filter VPN tunnels by device serial (can be a regexp). Filter VPN tunnels by device serial (can be a regexp).
=item B<--unknown-status> =item B<--filter-vpn-type>
Define the conditions to match for the status to be UNKNOWN. Filter VPN tunnels by VPN type (can be a regexp).
You can use the following variables: %{status}, %{deviceSerial}, %{mode}
=item B<--warning-status> =item B<--filter-vpn-name>
Filter VPN tunnels by VPN name (can be a regexp).
=item B<--unknown-device-status>
Define the conditions to match for the status to be UNKNOWN (default: '%{deviceStatus} =~ /offline/i').
You can use the following variables: %{deviceStatus}, %{deviceSerial}, %{deviceMode}
=item B<--warning-device-status>
Define the conditions to match for the status to be WARNING. Define the conditions to match for the status to be WARNING.
You can use the following variables: %{status}, %{deviceSerial}, %{mode} You can use the following variables: %{deviceStatus}, %{deviceSerial}, %{deviceMode}
=item B<--critical-status> =item B<--critical-device-status>
Define the conditions to match for the status to be CRITICAL (default: '%{status} =~ /offline/i'). Define the conditions to match for the status to be CRITICAL.
You can use the following variables: %{status}, %{deviceSerial}, %{mode} You can use the following variables: %{deviceStatus}, %{deviceSerial}
=item B<--unknown-vpn-status>
Define the conditions to match for the status to be UNKNOWN.
You can use the following variables: %{vpnStatus}, %{vpnName}, %{vpnType}, %{deviceStatus}, %{deviceSerial}
=item B<--warning-vpn-status>
Define the conditions to match for the status to be WARNING.
You can use the following variables: %{vpnStatus}, %{vpnName}, %{vpnType}, %{deviceStatus}, %{deviceSerial}
=item B<--critical-vpn-status>
Define the conditions to match for the status to be CRITICAL (default: '%{deviceStatus} =~ /online/i and %{vpnStatus} =~ /unreachable/i').
You can use the following variables: %{vpnStatus}, %{vpnName}, %{vpnType}, %{deviceStatus}, %{deviceSerial}
=item B<--warning-*> B<--critical-*> =item B<--warning-*> B<--critical-*>
Thresholds. Thresholds.
Can be: 'total-online', 'total-offline', 'total-dormant'. Can be: 'total-unreachable'.
=back =back

12
tests/network/cisco/meraki/cloudcontroller/restapi/vpntunnels.robot
View File

@ -28,15 +28,15 @@ Create cache from API
# Mockoon is not needed any longer since the data are cached # Mockoon is not needed any longer since the data are cached
Stop Mockoon Stop Mockoon
Check if ${test_desc} works vpn-tunnels ${tc}
[Tags] meraki api vpn network [Tags] meraki api vpn network
${command} Catenate ${command} Catenate
... ${CMD} ... ${CMD}
... --mode=vpn-tunnels --filter-network-name=${filter_network_name} --cache-use --critical-total-dormant=1: ... --mode=vpn-tunnels --cache-use ${extra_options}
Ctn Run Command And Check Result As Strings ${command} ${expected_result} Ctn Run Command And Check Result As Strings ${command} ${expected_result}
Examples: test_desc filter_network_name expected_result -- Examples: tc extra_options expected_result --
... all links .* OK: vpn tunnel 'C3PO-R2P2-BB88' status: dormant [mode: spoke] | 'vpn.tunnels.online.count'=0;;;0;1 'vpn.tunnels.offline.count'=0;;;0;1 'vpn.tunnels.dormant.count'=1;;1:;0;1 ... 1 ${EMPTY} OK: device 'C3PO-R2P2-BB88' status: dormant [mode: spoke] - All VPNs are ok | 'vpn.tunnels.unreachable.count'=3;;;0;3
... empty filter ${EMPTY} OK: vpn tunnel 'C3PO-R2P2-BB88' status: dormant [mode: spoke] | 'vpn.tunnels.online.count'=0;;;0;1 'vpn.tunnels.offline.count'=0;;;0;1 'vpn.tunnels.dormant.count'=1;;1:;0;1 ... 2 --warning-total-unreachable=0 WARNING: Number of VPNS unreachable: 3 | 'vpn.tunnels.unreachable.count'=3;0:0;;0;3
... absurd filter toto CRITICAL: Vpn tunnels dormant: 0 | 'vpn.tunnels.online.count'=0;;;0;0 'vpn.tunnels.offline.count'=0;;;0;0 'vpn.tunnels.dormant.count'=0;;1:;0;0 ... 3 --critical-total-unreachable=0 CRITICAL: Number of VPNS unreachable: 3 | 'vpn.tunnels.unreachable.count'=3;;0:0;0;3