2009-08-14 Sancho Lerena <slerena@artica.es>

* linux/pandora_agent_installer: Fixed problems with .conf backup * linux/plugins/iptables_plugin: New agent plugin for Netfilter. * linux/plugins/apache_status: new agent plugin (apache status). * linux/plugins/inventory: Added users and process. Fixed weird problem with inexistant XML attribute VALUE ¿?. Now works fine. * linux/plugins/pandora_df: New agent plugin (disk space). git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1850 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
2009-08-14 18:14:37 +00:00 · 2009-08-14 18:14:37 +00:00 · 2b047cda94
parent ec9e25bce6
commit 2b047cda94
6 changed files with 208 additions and 8 deletions
--- a/pandora_agents/ChangeLog
+++ b/pandora_agents/ChangeLog
@ -1,3 +1,16 @@
+2009-08-14  Sancho Lerena <slerena@artica.es>
+
+	* linux/pandora_agent_installer: Fixed problems with .conf backup
+
+	* linux/plugins/iptables_plugin: New agent plugin for Netfilter.
+
+	* linux/plugins/apache_status: new agent plugin (apache status).
+
+	* linux/plugins/inventory: Added users and process. Fixed weird
+	problem with inexistant XML attribute VALUE ¿?. Now works fine.
+
+	* linux/plugins/pandora_df: New agent plugin (disk space).
+
 2009-08-12  sancho Lerena <slerena@artica.es>

        * linux/pandora_agent: Added LSB tags to startup daemon for SUSE
--- a/pandora_agents/linux/pandora_agent_installer
+++ b/pandora_agents/linux/pandora_agent_installer
@ -131,10 +131,10 @@ install () {
        cp pandora_agent_daemon $PANDORA_HOME

        echo "Copying Pandora FMS Agent configuration file to $PANDORA_HOME/pandora_agent.conf..."
-        if [ -e $PANDORA_HOME/pandora_agent.conf ]
+        if [ -e /etc/pandora/pandora_agent.conf ]
        then
-        	cp $PANDORA_HOME/pandora_agent.conf $PANDORA_HOME/pandora_agent.conf.$OLDFILENAMETMP
-        	echo "Backing up old configuration file to $PANDORA_HOME/pandora_agent.conf.$OLDFILENAMETMP"
+        	cat /etc/pandora/pandora_agent.conf > /etc/pandora/pandora/pandora_agent.conf.$OLDFILENAMETMP
+        	echo "Backing up old configuration file to /etc/pandora_agent.conf.$OLDFILENAMETMP"
        fi
        
        echo "Copying default agent configuration to $PANDORA_HOME/pandora_agent.conf"
--- a/pandora_agents/linux/plugins/apache_status
+++ b/pandora_agents/linux/plugins/apache_status
@ -0,0 +1,42 @@
+#!/bin/bash
+
+# THIS PLUGIN needs netcat (nc) and have the status extension enabled in your Apache2.
+# Also need to setup advanced status in your apache setup (ExtendedStatus On)
+
+ASTAT="`echo -e 'GET /server-status?auto HTTP/1.0\n\n' | nc -w 10 localhost 80`"
+AP_CPULOAD=`echo $ASTAT | grep -o "CPULoad: [0-9.]*" | awk '{ print $2}'`
+AP_REQSEC=`echo $ASTAT | grep -o "ReqPerSec: [0-9.]*" | awk '{ print $2}'`
+AP_TOTACC=`echo $ASTAT | grep -o "Total Accesses: [0-9]*" | awk '{ print $3}'`
+AP_BUSY=`echo $ASTAT | grep -o "BusyWorkers: [0-9]*" | awk '{ print $2}'`
+AP_BPS=`echo $ASTAT | grep -o "BytesPerSec: [0-9]*" | awk '{ print $2}'`
+
+echo "<module>"
+echo "<name>Apache Total Accesses</name>"
+echo "<type>generic_data_inc</type>"
+echo "<data>$AP_TOTACC</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>Apache Request per second</name>"
+echo "<type>generic_data</type>"
+echo "<data>0$AP_REQSEC</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>Apache Busy Workers</name>"
+echo "<type>generic_data</type>"
+echo "<data>$AP_BUSY</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>Apache BytesPerSecond Served</name>"
+echo "<type>generic_data</type>"
+echo "<data>$AP_BPS</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>Apache CPULoad</name>"
+echo "<type>generic_data</type>"
+echo "<data>$AP_CPULOAD</data>"
+echo "</module>"
+
--- a/pandora_agents/linux/plugins/inventory
+++ b/pandora_agents/linux/plugins/inventory
@ -1,12 +1,11 @@
 #!/usr/bin/perl
 ###############################################################################
 #
-# Copyright (c) 2009  Ramon Novoa  <rnovoa@artica.es>
 # Copyright (c) 2009  Artica Soluciones Tecnologicas S.L.
 #
 # inventory	Generate a hardware/software inventory.
 # 
-# Sample usage:	./inventory <interval in days> [cpu] [ram] [video] [nic] [hd] [cdrom] [software] [init_services] [filesystem]
+# Sample usage:	./inventory <interval in days> [cpu] [ram] [video] [nic] [hd] [cdrom] [software] [init_services] [filesystem] [process] [users]
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
@ -90,6 +89,47 @@ sub get_servicies_init_machine($$) {
 	}
 }

+# Get a list of running processes
+sub get_processes ($$) {
+	my ($name, $modules) = @_;
+
+	my $script = "ps aux";
+
+        my @services = `$script`;
+        foreach my $row (@services) {
+                my %module;
+				# Remove carriage returns				
+				$row =~ s/[\n\l\f]//g;
+                $module{'service'} = $row;
+                $module{'_keys'} = ['service'];
+                push (@{$modules->{$name}}, \%module);
+        }
+}
+
+# Get a list of valid users in the system
+sub get_users ($$) {
+        my ($name, $modules) = @_;
+
+        my $script = "cat /etc/passwd";
+	my $user = "";
+	my $estado = "";
+
+        my @services = `$script`;
+        foreach my $row (@services) {
+                my %module;
+
+		next unless ($row =~ /^([A-Za-z0-9\-\_]*)/);
+
+                $user = $1;
+                $script = `passwd -S $user`;
+                if ( $script =~ /^(\S+)\sP./){
+	                $module{'user'} = $user;
+                	$module{'_keys'} = ['user'];
+                	push (@{$modules->{$name}}, \%module);
+		}
+        }
+}
+
 # Get a list of installed programs
 sub get_software_module_data ($$) {
 	my ($name, $modules) = @_;
@ -137,7 +177,7 @@ sub print_module ($$) {
 			$data .= ($data eq '' ? '' : ';') . $item->{$key};
 		}

-		print "      <data><value><![CDATA[$data]]></value></data>\n";
+		print "      <data><![CDATA[$data]]></data>\n";
 	}
 	print "    </datalist>\n";
 	print "  </inventory_module>\n";
@ -145,7 +185,7 @@ sub print_module ($$) {

 # Check command line parameters
 if ($#ARGV < 0) {
-	print "Usage: $0 <interval> [cpu] [ram] [video] [nic] [hd] [cdrom] [software] [init_services] [filesystem]\n\n";
+	print "Usage: $0 <interval> [cpu] [ram] [video] [nic] [hd] [cdrom] [software] [init_services] [filesystem] [users] [process] \n\n";
 	exit 1;
 }

@ -222,6 +262,15 @@ if ($enable_all == 1 || $enabled{'filesystem'} == 1) {
 	get_file_system('File system', \%modules);
 }

+#processes
+if ($enable_all == 1 || $enabled{'process'} == 1) {
+	get_processes('Process', \%modules);
+}
+
+#users
+if ($enable_all == 1 || $enabled{'users'} == 1){
+	get_users ('Users', \%modules);
+}

 # Print module data
 print "<inventory>\n";
--- a/pandora_agents/linux/plugins/iptables_plugin
+++ b/pandora_agents/linux/plugins/iptables_plugin
@ -0,0 +1,95 @@
+#!/bin/bash
+
+# -----------------------------------------------------------------
+# Netfilter / GNULinux Network IPTables plugin for Pandora FMS
+# (c) Sancho Lerena 2008-2009. 
+# This is an agent plugin, used only on local agents
+# NOTE: This agent needs the system command 'bc' to calculate hex data
+# -----------------------------------------------------------------
+
+TEMP=/tmp/network.tmp
+cat /proc/net/stat/ip_conntrack | tail -1 | tr "[:lower:]" "[:upper:]" > $TEMP
+CT_ENTRIES_T=`cat $TEMP | awk '{ print $1 }'`
+CT_ENTRIES=`echo "ibase=16; $CT_ENTRIES_T" | bc`
+CT_NEW_T=`cat $TEMP | awk '{ print $3 }'`
+CT_NEW=`echo "ibase=16; $CT_NEW_T" | bc`
+CT_INVALID_T=`cat $TEMP | awk '{ print $4 }'`
+CT_INVALID=`echo "ibase=16; $CT_INVALID_T" | bc`
+
+rm $TEMP 2> /dev/null
+
+CONTRACKFILE=/tmp/conntrack.pandora
+cat /proc/net/ip_conntrack > $CONTRACKFILE 2> /dev/null
+
+fw_con_established=`cat $CONTRACKFILE | grep ESTABLISH | wc -l`
+fw_con_timewait=`cat $CONTRACKFILE | grep TIME_WAIT | wc -l`
+fw_con_syn_wait=`cat $CONTRACKFILE | grep SYN_ | wc -l`
+fw_con_fin_wait=`cat $CONTRACKFILE | grep FIN_WAIT | wc -l`
+fw_con_unreplied=`cat $CONTRACKFILE | grep UNREPLIED | wc -l`
+fw_enabled=`cat /proc/sys/net/ipv4/ip_forward`
+
+rm $CONTRACKFILE 2> /dev/null
+
+echo "<module>"
+echo "<name>Conntrack Active Entries</name>"
+echo "<type>generic_data</type>"
+echo "<description>Get active entries in Netfilter conntrack session table</description>"
+echo "<data>$CT_ENTRIES</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>Conntrack New</name>"
+echo "<type>generic_data_inc</type>"
+echo "<description>Get new connections in Netfilter conntrack session table</description>"
+echo "<data>$CT_NEW</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>Conntrack Invalid</name>"
+echo "<type>generic_data_inc</type>"
+echo "<description>Get invalid entries in Netfilter conntrack session table</description>"
+echo "<data>$CT_INVALID</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>fw_con_established</name>"
+echo "<type>generic_data</type>"
+echo "<description>Established connetions on Firewall</description>"
+echo "<data>$fw_con_established</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>fw_con_timewait</name>"
+echo "<type>generic_data</type>"
+echo "<description>Established connections pending to timeout</description>"
+echo "<data>$fw_con_timewait</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>fw_con_syn_wait</name>"
+echo "<type>generic_data</type>"
+echo "<description>Not-established connections, waiting to other side</description>"
+echo "<data>$fw_con_syn_wait</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>fw_con_fin_wait</name>"
+echo "<type>generic_data</type>"
+echo "<description>Established connections waiting FIN on other side</description>"
+echo "<data>$fw_con_fin_wait</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>fw_con_unreplied</name>"
+echo "<type>generic_data</type>"
+echo "<description>Unreplied connection attempts</description>"
+echo "<data>$fw_con_unreplied</data>"
+echo "</module>"
+
+echo "<module>"
+echo "<name>fw_enabled</name>"
+echo "<type>generic_proc</type>"
+echo "<description>Forwarding enabled</description>"
+echo "<data>$fw_enabled</data>"
+echo "</module>"
+
--- a/pandora_agents/linux/plugins/pandora_df
+++ b/pandora_agents/linux/plugins/pandora_df
@ -63,7 +63,8 @@ while (my ($filesystem, $use) = each (%filesystems)) {
 	print "<module>\n";
 	print "<name><![CDATA[" . $filesystem . "]]></name>\n";
 	print "<type><![CDATA[generic_data]]></type>\n";
-	print "<data><value><![CDATA[" . $use . "]]></value></data>\n";
+	print "<data><![CDATA[" . $use . "]]></data>\n";
+	print "<description>% of usage in this volume</description>\n";
 	print "</module>\n";
 }