From b40894ef9cbfb9c965a3001c08781817e2342f98 Mon Sep 17 00:00:00 2001 From: garnier-quentin Date: Mon, 8 Feb 2016 22:33:53 +0100 Subject: [PATCH] + Enhance cisco ASA sessions (Fix #315) --- .../cisco/standard/snmp/mode/sessions.pm | 289 ++++++++++++++++++ network/cisco/asa/mode/sessions.pm | 154 ---------- network/cisco/asa/plugin.pm | 2 +- 3 files changed, 290 insertions(+), 155 deletions(-) create mode 100644 centreon/common/cisco/standard/snmp/mode/sessions.pm delete mode 100644 network/cisco/asa/mode/sessions.pm diff --git a/centreon/common/cisco/standard/snmp/mode/sessions.pm b/centreon/common/cisco/standard/snmp/mode/sessions.pm new file mode 100644 index 000000000..09a59e4ba --- /dev/null +++ b/centreon/common/cisco/standard/snmp/mode/sessions.pm @@ -0,0 +1,289 @@ +# +# Copyright 2016 Centreon (http://www.centreon.com/) +# +# Centreon is a full-fledged industry-strength solution that meets +# the needs in IT infrastructure and application monitoring for +# service performance. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +package centreon::common::cisco::standard::snmp::mode::sessions; + +use base qw(centreon::plugins::templates::counter); + +use strict; +use warnings; +use Digest::MD5 qw(md5_hex); + +sub set_counters { + my ($self, %options) = @_; + + $self->{maps_counters_type} = [ + { name => 'connections', type => 0, cb_prefix_output => 'prefix_connections_output', skipped_code => { -10 => 1 } }, + { name => 'sessions', type => 0, cb_prefix_output => 'prefix_sessions_output', skipped_code => { -10 => 1 } }, + ]; + $self->{maps_counters}->{connections} = [ + { label => 'connections-current', set => { + key_values => [ { name => 'cufwConnGlobalNumActive' } ], + output_template => 'current : %s', output_error_template => "current : %s", + perfdatas => [ + { label => 'connections_current', value => 'cufwConnGlobalNumActive_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'connections-1m', set => { + key_values => [ { name => 'cufwConnGlobalConnSetupRate1' } ], + output_template => 'average last 1min %s', output_error_template => "average last 1min : %s", + perfdatas => [ + { label => 'connections_1m', value => 'cufwConnGlobalConnSetupRate1_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'connections-5m', set => { + key_values => [ { name => 'cufwConnGlobalConnSetupRate5' } ], + output_template => 'average last 5min : %s', output_error_template => "average last 5min : %s", + perfdatas => [ + { label => 'connections_5m', value => 'cufwConnGlobalConnSetupRate5_absolute', template => '%d', + min => 0 }, + ], + } + }, + ]; + $self->{maps_counters}->{sessions} = [ + { label => 'sessions-total', set => { + key_values => [ { name => 'crasNumSessions' } ], + output_template => 'total : %s', output_error_template => "total : %s", + perfdatas => [ + { label => 'sessions_total', value => 'crasNumSessions_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'sessions-email-current', set => { + key_values => [ { name => 'crasEmailNumSessions' } ], + output_template => 'current email proxy : %s', output_error_template => "current email proxy : %s", + perfdatas => [ + { label => 'sessions_email_current', value => 'crasEmailNumSessions_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'sessions-email-psec', set => { + key_values => [ { name => 'crasEmailCumulateSessions', diff => 1 } ], + output_template => 'email proxy : %.2f/s', output_error_template => "email proxy : %s", + per_second => 1, + perfdatas => [ + { label => 'sessions_email_psec', value => 'crasEmailCumulateSessions_per_second', template => '%.2f', + min => 0 }, + ], + } + }, + { label => 'sessions-ipsec-current', set => { + key_values => [ { name => 'crasIPSecNumSessions' } ], + output_template => 'current ipsec : %s', output_error_template => "current ipsec : %s", + perfdatas => [ + { label => 'sessions_ipsec_current', value => 'crasIPSecNumSessions_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'sessions-ipsec-psec', set => { + key_values => [ { name => 'crasIPSecCumulateSessions', diff => 1 } ], + output_template => 'ipsec : %.2f/s', output_error_template => "ipsec : %s", + per_second => 1, + perfdatas => [ + { label => 'sessions_ipsec_psec', value => 'crasIPSecCumulateSessions_per_second', template => '%.2f', + min => 0 }, + ], + } + }, + { label => 'sessions-l2l-current', set => { + key_values => [ { name => 'crasL2LNumSessions' } ], + output_template => 'current LAN to LAN : %s', output_error_template => "current LAN to LAN : %s", + perfdatas => [ + { label => 'sessions_l2l_current', value => 'crasL2LNumSessions_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'sessions-l2l-psec', set => { + key_values => [ { name => 'crasL2LCumulateSessions', diff => 1 } ], + output_template => 'LAN to LAN : %.2f/s', output_error_template => "LAN to LAN : %s", + per_second => 1, + perfdatas => [ + { label => 'sessions_l2l_psec', value => 'crasL2LCumulateSessions_per_second', template => '%.2f', + min => 0 }, + ], + } + }, + { label => 'sessions-lb-current', set => { + key_values => [ { name => 'crasLBNumSessions' } ], + output_template => 'current load balancing : %s', output_error_template => "current load balancing : %s", + perfdatas => [ + { label => 'sessions_lb_current', value => 'crasLBNumSessions_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'sessions-lb-psec', set => { + key_values => [ { name => 'crasLBCumulateSessions', diff => 1 } ], + output_template => 'load balancing : %.2f/s', output_error_template => "load balancing : %s", + per_second => 1, + perfdatas => [ + { label => 'sessions_lb_psec', value => 'crasLBCumulateSessions_per_second', template => '%.2f', + min => 0 }, + ], + } + }, + { label => 'sessions-svc-current', set => { + key_values => [ { name => 'crasSVCNumSessions' } ], + output_template => 'current SVC : %s', output_error_template => "current SVC : %s", + perfdatas => [ + { label => 'sessions_svc_current', value => 'crasSVCNumSessions_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'sessions-svc-psec', set => { + key_values => [ { name => 'crasSVCCumulateSessions', diff => 1 } ], + output_template => 'SVC : %.2f/s', output_error_template => "SVC : %s", + per_second => 1, + perfdatas => [ + { label => 'sessions_svc_psec', value => 'crasSVCCumulateSessions_per_second', template => '%.2f', + min => 0 }, + ], + } + }, + { label => 'sessions-webvpn-current', set => { + key_values => [ { name => 'crasWebvpnNumSessions' } ], + output_template => 'current webvpn : %s', output_error_template => "current webvpn : %s", + perfdatas => [ + { label => 'sessions_webvpn_current', value => 'crasWebvpnNumSessions_absolute', template => '%d', + min => 0 }, + ], + } + }, + { label => 'sessions-webvpn-psec', set => { + key_values => [ { name => 'crasWebvpnCumulateSessions', diff => 1 } ], + output_template => 'webvpn : %.2f/s', output_error_template => "webvpn : %s", + per_second => 1, + perfdatas => [ + { label => 'sessions_webvpn_psec', value => 'crasWebvpnCumulateSessions_per_second', template => '%.2f', + min => 0 }, + ], + } + }, + ]; +} + +sub prefix_connections_output { + my ($self, %options) = @_; + + return "Connections "; +} + +sub prefix_sessions_output { + my ($self, %options) = @_; + + return "Sessions "; +} + +sub new { + my ($class, %options) = @_; + my $self = $class->SUPER::new(package => __PACKAGE__, %options, statefile => 1); + bless $self, $class; + + $self->{version} = '1.0'; + $options{options}->add_options(arguments => + { + }); + + return $self; +} + +my %oids_connections = ( + cufwConnGlobalNumActive => '.1.3.6.1.4.1.9.9.491.1.1.1.6.0', + cufwConnGlobalConnSetupRate1 => '.1.3.6.1.4.1.9.9.491.1.1.1.10.0', + cufwConnGlobalConnSetupRate5 => '.1.3.6.1.4.1.9.9.491.1.1.1.11.0', +); +my %oids_sessions = ( + crasNumSessions => '.1.3.6.1.4.1.9.9.392.1.3.1.0', + crasEmailNumSessions => '.1.3.6.1.4.1.9.9.392.1.3.23.0', + crasEmailCumulateSessions => '.1.3.6.1.4.1.9.9.392.1.3.24.0', + crasIPSecNumSessions => '.1.3.6.1.4.1.9.9.392.1.3.26.0', + crasIPSecCumulateSessions => '.1.3.6.1.4.1.9.9.392.1.3.27.0', + crasL2LNumSessions => '.1.3.6.1.4.1.9.9.392.1.3.29.0', + crasL2LCumulateSessions => '.1.3.6.1.4.1.9.9.392.1.3.30.0', + crasLBNumSessions => '.1.3.6.1.4.1.9.9.392.1.3.32.0', + crasLBCumulateSessions => '.1.3.6.1.4.1.9.9.392.1.3.33.0', + crasSVCNumSessions => '.1.3.6.1.4.1.9.9.392.1.3.35.0', + crasSVCCumulateSessions => '.1.3.6.1.4.1.9.9.392.1.3.36.0', + crasWebvpnNumSessions => '.1.3.6.1.4.1.9.9.392.1.3.38.0', + crasWebvpnCumulateSessions => '.1.3.6.1.4.1.9.9.392.1.3.39.0', +); + +sub manage_selection { + my ($self, %options) = @_; + + $self->{cache_name} = "cisco_standard_" . $options{snmp}->get_hostname() . '_' . $options{snmp}->get_port() . '_' . $self->{mode} . '_' . + (defined($self->{option_results}->{filter_counters}) ? md5_hex($self->{option_results}->{filter_counters}) : md5_hex('all')); + + $self->{connections} = {}; + $self->{sessions} = {}; + + $self->{results} = $options{snmp}->get_leef(oids => [values %oids_connections, values %oids_sessions], + nothing_quit => 1); + foreach my $name (keys %oids_connections) { + next if (!defined($self->{results}->{$oids_connections{$name}}) || $self->{results}->{$oids_connections{$name}} == 0); + $self->{connections}->{$name} = $self->{results}->{$oids_connections{$name}}; + } + foreach my $name (keys %oids_sessions) { + next if (!defined($self->{results}->{$oids_sessions{$name}}) || $self->{results}->{$oids_sessions{$name}} == 0); + $self->{sessions}->{$name} = $self->{results}->{$oids_sessions{$name}}; + } +} + +1; + +__END__ + +=head1 MODE + +Check sessions. + +=over 8 + +=item B<--warning-*> + +Threshold warning. +Can be: 'connections-current', 'connections-1m', 'connections-5m', +'sessions-total', 'sessions-email-current', 'sessions-email-psec', +'sessions-ipsec-current', 'sessions-ipsec-psec', 'sessions-l2l-current', 'sessions-lb-psec' +'sessions-lb-current', 'sessions-lb-psec', 'sessions-svc-current', 'sessions-svc-psec', +'sessions-webvpn-current', 'sessions-webvpn-psec'. + +=item B<--critical-*> + +Threshold critical. +Can be: 'connections-current', 'connections-1m', 'connections-5m', +'sessions-total', 'sessions-email-current', 'sessions-email-psec', +'sessions-ipsec-current', 'sessions-ipsec-psec', 'sessions-l2l-current', 'sessions-lb-psec' +'sessions-lb-current', 'sessions-lb-psec', 'sessions-svc-current', 'sessions-svc-psec', +'sessions-webvpn-current', 'sessions-webvpn-psec'. + +=back + +=cut diff --git a/network/cisco/asa/mode/sessions.pm b/network/cisco/asa/mode/sessions.pm deleted file mode 100644 index a82602f0d..000000000 --- a/network/cisco/asa/mode/sessions.pm +++ /dev/null @@ -1,154 +0,0 @@ -# -# Copyright 2016 Centreon (http://www.centreon.com/) -# -# Centreon is a full-fledged industry-strength solution that meets -# the needs in IT infrastructure and application monitoring for -# service performance. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -package network::cisco::asa::mode::sessions; - -use base qw(centreon::plugins::mode); - -use strict; -use warnings; - -sub new { - my ($class, %options) = @_; - my $self = $class->SUPER::new(package => __PACKAGE__, %options); - bless $self, $class; - - $self->{version} = '1.0'; - $options{options}->add_options(arguments => - { - "warning-average:s" => { name => 'warning_average', default => '' }, - "critical-average:s" => { name => 'critical_average', default => '' }, - "warning-current:s" => { name => 'warning_current' }, - "critical-current:s" => { name => 'critical_current' }, - }); - - return $self; -} - -sub check_options { - my ($self, %options) = @_; - $self->SUPER::init(%options); - - ($self->{warn_avg1m}, $self->{warn_avg5m}) = split /,/, $self->{option_results}->{warning_average}; - ($self->{crit_avg1m}, $self->{crit_avg5m}) = split /,/, $self->{option_results}->{critical_average}; - - if (($self->{perfdata}->threshold_validate(label => 'warn_avg1m', value => $self->{warn_avg1m})) == 0) { - $self->{output}->add_option_msg(short_msg => "Wrong warning average (1min) threshold '" . $self->{warn_avg1m} . "'."); - $self->{output}->option_exit(); - } - if (($self->{perfdata}->threshold_validate(label => 'warn_avg5m', value => $self->{warn_avg5m})) == 0) { - $self->{output}->add_option_msg(short_msg => "Wrong warning average (5min) threshold '" . $self->{warn_avg5m} . "'."); - $self->{output}->option_exit(); - } - if (($self->{perfdata}->threshold_validate(label => 'crit_avg1m', value => $self->{crit_avg1m})) == 0) { - $self->{output}->add_option_msg(short_msg => "Wrong critical average (1min) threshold '" . $self->{crit_avg1m} . "'."); - $self->{output}->option_exit(); - } - if (($self->{perfdata}->threshold_validate(label => 'crit_avg5m', value => $self->{crit_avg5m})) == 0) { - $self->{output}->add_option_msg(short_msg => "Wrong critical average (5min) threshold '" . $self->{crit_avg5m} . "'."); - $self->{output}->option_exit(); - } - - if (($self->{perfdata}->threshold_validate(label => 'warning_current', value => $self->{option_results}->{warning_current})) == 0) { - $self->{output}->add_option_msg(short_msg => "Wrong warning current threshold '" . $self->{option_results}->{warning_current} . "'."); - $self->{output}->option_exit(); - } - if (($self->{perfdata}->threshold_validate(label => 'critical_current', value => $self->{option_results}->{critical_current})) == 0) { - $self->{output}->add_option_msg(short_msg => "Wrong critical current threshold '" . $self->{option_results}->{critical_current} . "'."); - $self->{output}->option_exit(); - } -} - -sub run { - my ($self, %options) = @_; - # $options{snmp} = snmp object - $self->{snmp} = $options{snmp}; - - my $oid_cufwConnGlobalNumActive = '.1.3.6.1.4.1.9.9.491.1.1.1.6.0'; - my $oid_cufwConnGlobalConnSetupRate1 = '.1.3.6.1.4.1.9.9.491.1.1.1.10.0'; - my $oid_cufwConnGlobalConnSetupRate5 = '.1.3.6.1.4.1.9.9.491.1.1.1.11.0'; - my $result = $self->{snmp}->get_leef(oids => [$oid_cufwConnGlobalNumActive, $oid_cufwConnGlobalConnSetupRate1, - $oid_cufwConnGlobalConnSetupRate5], nothing_quit => 1); - - my $exit1 = $self->{perfdata}->threshold_check(value => $result->{$oid_cufwConnGlobalConnSetupRate1}, - threshold => [ { label => 'crit_avg1m', 'exit_litteral' => 'critical' }, { label => 'warn_avg1m', exit_litteral => 'warning' } ]); - my $exit2 = $self->{perfdata}->threshold_check(value => $result->{$oid_cufwConnGlobalConnSetupRate5}, - threshold => [ { label => 'crit_avg5m', 'exit_litteral' => 'critical' }, { label => 'warn_avg5m', exit_litteral => 'warning' } ]); - my $exit = $self->{output}->get_most_critical(status => [ $exit1, $exit2 ]); - $self->{output}->output_add(severity => $exit, - short_msg => sprintf("Average Connections per seconds: %d (last 1min), %d (last 5min)", - $result->{$oid_cufwConnGlobalConnSetupRate1}, $result->{$oid_cufwConnGlobalConnSetupRate5})); - - $exit = $self->{perfdata}->threshold_check(value => $result->{$oid_cufwConnGlobalNumActive}, - threshold => [ { label => 'critical_current', 'exit_litteral' => 'critical' }, { label => 'warning_current', exit_litteral => 'warning' } ]); - $self->{output}->output_add(severity => $exit, - short_msg => sprintf("Current active connections: %d", - $result->{$oid_cufwConnGlobalNumActive})); - - $self->{output}->perfdata_add(label => "connections_1m", unit => 'con/s', - value => $result->{$oid_cufwConnGlobalConnSetupRate1}, - warning => $self->{perfdata}->get_perfdata_for_output(label => 'warn_avg1m'), - critical => $self->{perfdata}->get_perfdata_for_output(label => 'crit_avg1m'), - min => 0); - $self->{output}->perfdata_add(label => "connections_5m", unit => 'con/s', - value => $result->{$oid_cufwConnGlobalConnSetupRate1}, - warning => $self->{perfdata}->get_perfdata_for_output(label => 'warn_avg1m'), - critical => $self->{perfdata}->get_perfdata_for_output(label => 'crit_avg1m'), - min => 0); - $self->{output}->perfdata_add(label => "connections_current", - value => $result->{$oid_cufwConnGlobalNumActive}, - warning => $self->{perfdata}->get_perfdata_for_output(label => 'warning_current'), - critical => $self->{perfdata}->get_perfdata_for_output(label => 'critical_current'), - min => 0); - - $self->{output}->display(); - $self->{output}->exit(); -} - -1; - -__END__ - -=head1 MODE - -Check current/average connections on Cisco ASA (CISCO-UNIFIED-FIREWALL-MIB). - -=over 8 - -=item B<--warning-average> - -Threshold warning: averaged number of connections which the firewall establishing per second (1min,5min). - -=item B<--critical-average> - -Threshold critical: averaged number of connections which the firewall establishing per second (1min,5min). - -=item B<--warning-current> - -Threshold warning: number of connections which are currently active. - -=item B<--critical-current> - -Threshold critical: number of connections which are currently active. - -=back - -=cut - \ No newline at end of file diff --git a/network/cisco/asa/plugin.pm b/network/cisco/asa/plugin.pm index d87fbb019..09eaa3ba9 100644 --- a/network/cisco/asa/plugin.pm +++ b/network/cisco/asa/plugin.pm @@ -37,7 +37,7 @@ sub new { 'interfaces' => 'snmp_standard::mode::interfaces', 'list-interfaces' => 'snmp_standard::mode::listinterfaces', 'memory' => 'centreon::common::cisco::standard::snmp::mode::memory', - 'sessions' => 'network::cisco::asa::mode::sessions', + 'sessions' => 'centreon::common::cisco::standard::snmp::mode::sessions', ); return $self;