From e0941027ea57e6ea4b731587af8a4b38835ce7a6 Mon Sep 17 00:00:00 2001 From: Dirk Goetz Date: Wed, 24 Sep 2014 10:37:24 +0200 Subject: [PATCH] Plugin Check Commands: Extend check_procs and check_http arguments fixes #7302 Signed-off-by: Michael Friedrich --- AUTHORS | 1 + doc/6-configuring-icinga-2.md | 41 ++++++++- itl/command-plugins.conf | 158 ++++++++++++++++++++++++++++++++-- 3 files changed, 189 insertions(+), 11 deletions(-) diff --git a/AUTHORS b/AUTHORS index e30f585d3..09a1bcbbe 100644 --- a/AUTHORS +++ b/AUTHORS @@ -3,6 +3,7 @@ Alexander Wirt Bernd Erk Brian Dockter Carlos Cesario +Dirk Goetz Dolf Schimmel Gaƫl Beaudoin Gerd von Egidy diff --git a/doc/6-configuring-icinga-2.md b/doc/6-configuring-icinga-2.md index 76c0c405c..42b51112b 100644 --- a/doc/6-configuring-icinga-2.md +++ b/doc/6-configuring-icinga-2.md @@ -2013,11 +2013,31 @@ http_port | **Optional.** The TCP port. Defaults to 80 when not u http_ssl | **Optional.** Whether to use SSL. Defaults to false. http_sni | **Optional.** Whether to use SNI. Defaults to false. http_auth_pair | **Optional.** Add 'username:password' authorization pair. +http_proxy_auth_pair | **Optional.** Add 'username:password' authorization pair for proxy. http_ignore_body | **Optional.** Don't download the body, just the headers. +http_linespan | **Optional.** Allow regex to span newline. http_expect_body_regex | **Optional.** A regular expression which the body must match against. Incompatible with http_ignore_body. +http_expect_body_eregi | **Optional.** A case-insensitive expression which the body must match against. Incompatible with http_ignore_body. +http_invertregex | **Optional.** Changes behavior of http_expect_body_regex and http_expect_body_eregi to return CRITICAL if found, OK if not. http_warn_time | **Optional.** The warning threshold. http_critical_time | **Optional.** The critical threshold. http_expect | **Optional.** Comma-delimited list of strings, at least one of them is expected in the first (status) line of the server response. Default: HTTP/1. +http_certificate | **Optional.** Minimum number of days a certificate has to be valid. Port defaults to 443. +http_clientcert | **Optional.** Name of file contains the client certificate (PEM format). +http_privatekey | **Optional.** Name of file contains the private key (PEM format). +http_headerstring | **Optional.** String to expect in the response headers. +http_string | **Optional.** String to expect in the content. +http_post | **Optional.** URL encoded http POST data. +http_method | **Optional.** Set http method (for example: HEAD, OPTIONS, TRACE, PUT, DELETE). +http_maxage | **Optional.** Warn if document is more than seconds old. +http_contenttype | **Optional.** Specify Content-Type header when POSTing. +http_useragent | **Optional.** String to be sent in http header as User Agent. +http_header | **Optional.** Any other tags to be sent in http header. +http_extendedperfdata | **Optional.** Print additional perfdata. Defaults to "false". +http_onredirect | **Optional.** How to handle redirect pages. Possible values: "ok" (default), "warning", "critical", "follow", "sticky" (like follow but stick to address), "stickyport" (like sticky but also to port) +http_pagesize | **Optional.** Minim page size required:Maximum page size required. +http_timeout | **Optional.** Seconds before connection times out. + #### ftp @@ -2147,10 +2167,23 @@ Check command object for the `check_procs` plugin. Custom Attributes: -Name | Description -----------------|-------------- -procs_wgreater | **Optional.** The process count warning threshold. Defaults to 250. -procs_cgreater | **Optional.** The process count critical threshold. Defaults to 400. +Name | Description +---------------------|-------------- +procs_warning | **Optional.** The process count warning threshold. Defaults to 250. +procs_critical | **Optional.** The process count critical threshold. Defaults to 400. +procs_metric | **Optional.** Check thresholds against metric. +procs_timeout | **Optional.** Seconds before plugin times out. +procs_traditional | **Optional.** Filter own process the traditional way by PID instead of /proc/pid/exe. Defaults to "false". +procs_state | **Optional.** Only scan for processes that have one or more of the status flags you specify. +procs_ppid | **Optional.** Only scan for children of the parent process ID indicated. +procs_vsz | **Optional.** Only scan for processes with VSZ higher than indicated. +procs_rss | **Optional.** Only scan for processes with RSS higher than indicated. +procs_pcpu | **Optional.** Only scan for processes with PCPU higher than indicated. +procs_user | **Optional.** Only scan for processes with user name or ID indicated. +procs_argument | **Optional.** Only scan for processes with args that contain STRING. +procs_argument_regex | **Optional.** Only scan for processes with args that contain the regex STRING. +procs_command | **Optional.** Only scan for exact matches of COMMAND (without path). +procs_nokthreads | **Optional.** Only scan for non kernel threads. Defaults to "false". #### swap diff --git a/itl/command-plugins.conf b/itl/command-plugins.conf index 7970e8d0f..fcc2f4dc0 100644 --- a/itl/command-plugins.conf +++ b/itl/command-plugins.conf @@ -182,6 +182,18 @@ object CheckCommand "http" { "--sni" = { set_if = "$http_sni$" } + "-C" = { + value = "$http_certificate$" + description = "Minimum number of days a certificate has to be valid. Port defaults to 443." + } + "-J" = { + value = "$http_clientcert$" + description = "Name of file contains the client certificate (PEM format)" + } + "-K" = { + value = "$http_privatekey$" + description = "Name of file contains the private key (PEM format)" + } "-a" = { value = "$http_auth_pair$" description = "Username:password on sites with basic authentication" @@ -189,15 +201,87 @@ object CheckCommand "http" { "--no-body" = { set_if = "$http_ignore_body$" } - "-r" = "$http_expect_body_regex$" "-w" = "$http_warn_time$" "-c" = "$http_critical_time$" "-e" = "$http_expect$" + "-d" = { + value = "$http_headerstring$" + description = "String to expect in the response headers" + } + "-s" = { + value = "$http_string$" + description = "String to expect in the content" + } + "-P" = { + value = "$http_post$" + description = "URL encoded http POST data" + } + "-j" = { + value = "$http_method$" + description = "Set http method (for example: HEAD, OPTIONS, TRACE, PUT, DELETE)" + } + "-M" = { + value = "$http_maxage$" + description = "Warn if document is more than seconds old" + } + "-T" = { + value = "$http_contenttype$" + description = "Specify Content-Type header when POSTing" + } + "-l" = { + setif = "$http_linespan$" + description = "Allow regex to span newline" + order = 1 + } + "-r" = { + value = "$http_expect_body_regex$" + description = "Search page for regex" + order = 2 + } + "-R" = { + value = "$http_expect_body_eregi$" + description = "Search page for case-insensitive regex" + order = 2 + } + "--invert-regex" = { + set_if = "$http_invertregex$" + description = "Return CRITICAL if found, OK if not" + } + "-b" = { + value = "$http_proxy_auth_pair$" + description = "Username:password on proxy-servers with basic authentication" + } + "-A" = { + value = "$http_useragent$" + description = "String to be sent in http header as User Agent" + } + "-k" = { + value = "$http_header$" + description = "Any other tags to be sent in http header" + } + "-E" = { + set_if = "$http_extendedperfdata$" + description = "Print additional perfdata" + } + "-f" = { + value = "$http_onredirect$" + description = "How to handle redirect pages" + } + "-m" = { + value = "$http_pagesize$" + description = "Minim page size required:Maximum page size required" + } + "-t" = { + value = "$http_timeout$" + description = "Seconds before connection times out" + } } vars.http_address = "$address$" vars.http_ssl = false vars.http_sni = false + vars.http_linespan = false + vars.http_invertregex = false } object CheckCommand "ftp" { @@ -354,13 +438,73 @@ object CheckCommand "procs" { command = [ PluginDir + "/check_procs" ] - arguments = { - "-w" = "$procs_wgreater$" - "-c" = "$procs_cgreater$" - } + arguments = { + "-w" = { + value = "$procs_warning$" + description = "Generate warning state if metric is outside this range" + } + "-c" = { + value = "$procs_critical$" + description = "Generate critical state if metric is outside this range" + } + "-m" = { + value = "$procs_metric$" + description = "Check thresholds against metric" + } + "-t" = { + value = "$procs_timeout$" + description = "Seconds before plugin times out" + } + "-T" = { + set_if = "$procs_traditional$" + description = "Filter own process the traditional way by PID instead of /proc/pid/exe" + } + "-s" = { + value = "$procs_state$" + description = "Only scan for processes that have one or more of the status flags you specify" + } + "-p" = { + value = "$procs_ppid$" + description = "Only scan for children of the parent process ID indicated" + } + "-z" = { + value = "$procs_vsz$" + description = "Only scan for processes with VSZ higher than indicated" + } + "-r" = { + value = "$procs_rss$" + description = "Only scan for processes with RSS higher than indicated" + } + "-P" = { + value = "$procs_pcpu$" + description = "Only scan for processes with PCPU higher than indicated" + } + "-u" = { + value = "$procs_user$" + description = "Only scan for processes with user name or ID indicated" + } + "-a" = { + value = "$procs_argument$" + description = "Only scan for processes with args that contain STRING" + } + "--ereg-argument-array" = { + value = "$procs_argument_regex$" + description = "Only scan for processes with args that contain the regex STRING" + } + "-C" = { + value = "$procs_command$" + description = "Only scan for exact matches of COMMAND (without path)" + } + "-k" = { + set_if = "$procs_nokthreads$" + description = "Only scan for non kernel threads" + } + } - vars.procs_wgreater = 250 - vars.procs_cgreater = 400 + vars.procs_traditional = false + vars.procs_nokthreads = false + vars.procs_warning = 250 + vars.procs_critical = 400 } object CheckCommand "swap" {