icinga2/plugins/check_procs.cpp

336 lines
10 KiB
C++
Raw Normal View History

2014-11-06 16:36:42 +01:00
/******************************************************************************
* Icinga 2 *
2018-01-02 12:06:00 +01:00
* Copyright (C) 2012-2018 Icinga Development Team (https://www.icinga.com/) *
2014-11-06 16:36:42 +01:00
* *
* This program is free software; you can redistribute it and/or *
* modify it under the terms of the GNU General Public License *
* as published by the Free Software Foundation; either version 2 *
* of the License, or (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the Free Software Foundation *
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. *
******************************************************************************/
2014-11-06 15:17:08 +01:00
#include <Windows.h>
#include <Shlwapi.h>
#include <tlhelp32.h>
#include <iostream>
2015-03-23 13:07:02 +01:00
#include "check_procs.h"
2014-11-06 15:17:08 +01:00
#define VERSION 1.0
namespace po = boost::program_options;
static BOOL debug = FALSE;
INT wmain(INT argc, WCHAR **argv)
2014-11-06 16:36:42 +01:00
{
2014-11-06 15:17:08 +01:00
po::variables_map vm;
printInfoStruct printInfo = { };
2015-03-23 13:07:02 +01:00
INT r = parseArguments(argc, argv, vm, printInfo);
2014-11-06 15:17:08 +01:00
if (r != -1)
return r;
if(!printInfo.user.empty())
return printOutput(countProcs(printInfo.user), printInfo);
return printOutput(countProcs(), printInfo);
}
INT parseArguments(INT ac, WCHAR **av, po::variables_map& vm, printInfoStruct& printInfo)
2014-11-06 16:36:42 +01:00
{
2015-03-23 13:07:02 +01:00
WCHAR namePath[MAX_PATH];
2014-11-06 15:17:08 +01:00
GetModuleFileName(NULL, namePath, MAX_PATH);
2015-03-23 13:07:02 +01:00
WCHAR *progName = PathFindFileName(namePath);
2014-11-06 15:17:08 +01:00
po::options_description desc;
desc.add_options()
2015-03-23 13:07:02 +01:00
("help,h", "Print help message and exit")
("version,V", "Print version and exit")
("debug,d", "Verbose/Debug output")
2015-03-23 13:07:02 +01:00
("user,u", po::wvalue<std::wstring>(), "Count only processes of user")
("warning,w", po::wvalue<std::wstring>(), "Warning threshold")
("critical,c", po::wvalue<std::wstring>(), "Critical threshold")
2014-11-06 15:17:08 +01:00
;
2015-03-23 13:07:02 +01:00
po::basic_command_line_parser<WCHAR> parser(ac, av);
2014-11-06 15:17:08 +01:00
try {
po::store(
parser
.options(desc)
.style(
po::command_line_style::unix_style |
po::command_line_style::allow_long_disguise)
.run(),
vm);
vm.notify();
2014-11-06 16:36:42 +01:00
} catch (std::exception& e) {
2015-03-23 13:07:02 +01:00
std::cout << e.what() << '\n' << desc << '\n';
2014-11-06 15:17:08 +01:00
return 3;
}
2014-11-06 15:17:08 +01:00
if (vm.count("help")) {
2015-03-23 13:07:02 +01:00
std::wcout << progName << " Help\n\tVersion: " << VERSION << '\n';
2014-11-06 15:17:08 +01:00
wprintf(
L"%s is a simple program to check a machines processes.\n"
L"You can use the following options to define its behaviour:\n\n", progName);
2015-03-23 13:07:02 +01:00
std::cout << desc;
2014-11-06 15:17:08 +01:00
wprintf(
L"\nIt will then output a string looking something like this:\n\n"
L"\tPROCS WARNING 67 | load=67;50;90;0\n\n"
2014-11-06 15:17:08 +01:00
L"\"PROCS\" being the type of the check, \"WARNING\" the returned status\n"
L"and \"67\" is the returned value.\n"
L"The performance data is found behind the \"|\", in order:\n"
L"returned value, warning threshold, critical threshold, minimal value and,\n"
2014-11-06 16:36:42 +01:00
L"if applicable, the maximal value. Performance data will only be displayed when\n"
L"you set at least one threshold\n\n"
2014-11-06 15:17:08 +01:00
L"For \"-user\" option keep in mind you need root to see other users processes\n\n"
L"%s' exit codes denote the following:\n"
2014-11-06 16:36:42 +01:00
L" 0\tOK,\n\tNo Thresholds were broken or the programs check part was not executed\n"
2014-11-06 15:17:08 +01:00
L" 1\tWARNING,\n\tThe warning, but not the critical threshold was broken\n"
L" 2\tCRITICAL,\n\tThe critical threshold was broken\n"
2014-11-06 16:36:42 +01:00
L" 3\tUNKNOWN, \n\tThe program experienced an internal or input error\n\n"
2014-11-06 15:17:08 +01:00
L"Threshold syntax:\n\n"
L"-w THRESHOLD\n"
L"warn if threshold is broken, which means VALUE > THRESHOLD\n"
L"(unless stated differently)\n\n"
L"-w !THRESHOLD\n"
L"inverts threshold check, VALUE < THRESHOLD (analogous to above)\n\n"
L"-w [THR1-THR2]\n"
L"warn is VALUE is inside the range spanned by THR1 and THR2\n\n"
L"-w ![THR1-THR2]\n"
L"warn if VALUE is outside the range spanned by THR1 and THR2\n\n"
L"-w THRESHOLD%%\n"
L"if the plugin accepts percentage based thresholds those will be used.\n"
L"Does nothing if the plugin does not accept percentages, or only uses\n"
L"percentage thresholds. Ranges can be used with \"%%\", but both range values need\n"
L"to end with a percentage sign.\n\n"
L"All of these options work with the critical threshold \"-c\" too."
, progName);
2015-03-23 13:07:02 +01:00
std::cout << '\n';
2014-11-06 15:17:08 +01:00
return 0;
}
2014-11-06 15:17:08 +01:00
if (vm.count("version")) {
2015-03-23 13:07:02 +01:00
std::wcout << "Version: " << VERSION << '\n';
2014-11-06 15:17:08 +01:00
return 0;
}
if (vm.count("warning")) {
try {
2015-03-23 13:07:02 +01:00
printInfo.warn = threshold(vm["warning"].as<std::wstring>());
} catch (std::invalid_argument& e) {
2015-03-23 13:07:02 +01:00
std::cout << e.what() << '\n';
return 3;
}
}
if (vm.count("critical")) {
try {
2015-03-23 13:07:02 +01:00
printInfo.crit = threshold(vm["critical"].as<std::wstring>());
} catch (std::invalid_argument& e) {
2015-03-23 13:07:02 +01:00
std::cout << e.what() << '\n';
return 3;
}
}
2014-11-06 15:17:08 +01:00
if (vm.count("user"))
2015-03-23 13:07:02 +01:00
printInfo.user = vm["user"].as<std::wstring>();
2014-11-06 15:17:08 +01:00
if (vm.count("debug"))
debug = TRUE;
2014-11-06 15:17:08 +01:00
return -1;
}
2015-03-23 13:07:02 +01:00
INT printOutput(CONST INT numProcs, printInfoStruct& printInfo)
{
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Constructing output string" << '\n';
state state = OK;
if (printInfo.warn.rend(numProcs))
state = WARNING;
if (printInfo.crit.rend(numProcs))
state = CRITICAL;
2015-03-23 13:07:02 +01:00
std::wstring user = L"";
if (!printInfo.user.empty())
user.append(L" processes of user ").append(printInfo.user);
switch (state) {
case OK:
2015-03-23 13:07:02 +01:00
std::wcout << L"PROCS OK " << numProcs << user << L" | procs=" << numProcs << L";"
<< printInfo.warn.pString() << L";" << printInfo.crit.pString() << L";0;" << '\n';
break;
case WARNING:
2015-03-23 13:07:02 +01:00
std::wcout << L"PROCS WARNING " << numProcs << user << L" | procs=" << numProcs << L";"
<< printInfo.warn.pString() << L";" << printInfo.crit.pString() << L";0;" << '\n';
break;
case CRITICAL:
2015-03-23 13:07:02 +01:00
std::wcout << L"PROCS CRITICAL " << numProcs << user << L" | procs=" << numProcs << L";"
<< printInfo.warn.pString() << L";" << printInfo.crit.pString() << L";0;" << '\n';
break;
}
return state;
}
INT countProcs()
2014-11-06 16:36:42 +01:00
{
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Counting all processes" << '\n';
HANDLE hProcessSnap = NULL;
2014-11-06 15:17:08 +01:00
PROCESSENTRY32 pe32;
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Creating snapshot" << '\n';
2014-11-06 15:17:08 +01:00
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == INVALID_HANDLE_VALUE)
return -1;
pe32.dwSize = sizeof(PROCESSENTRY32);
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Grabbing first proccess" << '\n';
2014-11-06 15:17:08 +01:00
if (!Process32First(hProcessSnap, &pe32)) {
CloseHandle(hProcessSnap);
return -1;
}
2015-03-23 13:07:02 +01:00
INT numProcs = 0;
2014-11-06 15:17:08 +01:00
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Counting processes..." << '\n';
2014-11-06 15:17:08 +01:00
do {
++numProcs;
} while (Process32Next(hProcessSnap, &pe32));
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Found " << numProcs << L" processes. Cleaning up udn returning" << '\n';
if (hProcessSnap)
CloseHandle(hProcessSnap);
2014-11-06 15:17:08 +01:00
return numProcs;
}
INT countProcs(CONST std::wstring user)
2014-11-06 16:36:42 +01:00
{
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Counting all processes of user" << user << '\n';
2015-03-23 13:07:02 +01:00
CONST WCHAR *wuser = user.c_str();
INT numProcs = 0;
2014-11-06 15:17:08 +01:00
HANDLE hProcessSnap, hProcess = NULL, hToken = NULL;
PROCESSENTRY32 pe32;
DWORD dwReturnLength, dwAcctName, dwDomainName;
PTOKEN_USER pSIDTokenUser = NULL;
SID_NAME_USE sidNameUse;
LPWSTR AcctName, DomainName;
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Creating snapshot" << '\n';
2014-11-06 15:17:08 +01:00
hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
if (hProcessSnap == INVALID_HANDLE_VALUE)
goto die;
pe32.dwSize = sizeof(PROCESSENTRY32);
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Grabbing first proccess" << '\n';
2014-11-14 13:15:32 +01:00
if (!Process32First(hProcessSnap, &pe32))
2014-11-06 15:17:08 +01:00
goto die;
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Counting processes..." << '\n';
2014-11-06 15:17:08 +01:00
do {
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Getting process token" << '\n';
2014-11-06 15:17:08 +01:00
//get ProcessToken
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pe32.th32ProcessID);
if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
2014-11-14 13:15:32 +01:00
//Won't count pid 0 (system idle) and 4/8 (Sytem)
2014-11-06 15:17:08 +01:00
continue;
//Get dwReturnLength in first call
dwReturnLength = 1;
if (!GetTokenInformation(hToken, TokenUser, NULL, 0, &dwReturnLength)
&& GetLastError() != ERROR_INSUFFICIENT_BUFFER)
2014-11-06 15:17:08 +01:00
continue;
2014-11-14 16:26:30 +01:00
pSIDTokenUser = reinterpret_cast<PTOKEN_USER>(new BYTE[dwReturnLength]);
2014-11-06 15:17:08 +01:00
memset(pSIDTokenUser, 0, dwReturnLength);
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Received token, saving information" << '\n';
2014-11-06 15:17:08 +01:00
//write Info in pSIDTokenUser
if (!GetTokenInformation(hToken, TokenUser, pSIDTokenUser, dwReturnLength, NULL))
continue;
AcctName = NULL;
DomainName = NULL;
dwAcctName = 1;
dwDomainName = 1;
2017-12-13 12:54:14 +01:00
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Looking up SID" << '\n';
2014-11-06 15:17:08 +01:00
//get dwAcctName and dwDomainName size
if (!LookupAccountSid(NULL, pSIDTokenUser->User.Sid, AcctName,
(LPDWORD)&dwAcctName, DomainName, (LPDWORD)&dwDomainName, &sidNameUse)
&& GetLastError() != ERROR_INSUFFICIENT_BUFFER)
continue;
2017-12-13 12:54:14 +01:00
2014-11-14 16:26:30 +01:00
AcctName = reinterpret_cast<LPWSTR>(new WCHAR[dwAcctName]);
DomainName = reinterpret_cast<LPWSTR>(new WCHAR[dwDomainName]);
2014-11-06 15:17:08 +01:00
if (!LookupAccountSid(NULL, pSIDTokenUser->User.Sid, AcctName,
(LPDWORD)&dwAcctName, DomainName, (LPDWORD)&dwDomainName, &sidNameUse))
continue;
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Comparing " << AcctName << L" to " << wuser << '\n';
if (!wcscmp(AcctName, wuser)) {
2014-11-06 15:17:08 +01:00
++numProcs;
if (debug)
2015-03-23 13:07:02 +01:00
std::wcout << L"Is process of " << wuser << L" (" << numProcs << L")" << '\n';
}
2017-12-13 12:54:14 +01:00
2014-11-14 16:26:30 +01:00
delete[] reinterpret_cast<LPWSTR>(AcctName);
delete[] reinterpret_cast<LPWSTR>(DomainName);
2014-11-06 15:17:08 +01:00
} while (Process32Next(hProcessSnap, &pe32));
die:
if (hProcessSnap)
CloseHandle(hProcessSnap);
if (hProcess)
CloseHandle(hProcess);
if (hToken)
CloseHandle(hToken);
2014-11-14 16:26:30 +01:00
if (pSIDTokenUser)
delete[] reinterpret_cast<PTOKEN_USER>(pSIDTokenUser);
2014-11-06 15:17:08 +01:00
return numProcs;
2015-03-02 13:22:37 +01:00
}